Resubmissions

23-04-2024 17:30

240423-v3jdwaac74 8

23-04-2024 06:17

240423-g11ngseb5v 8

21-04-2024 20:27

240421-y8nsbsbc9w 8

21-04-2024 20:20

240421-y4swgsba24 8

08-04-2024 20:45

240408-zj49fseg5y 8

05-04-2024 18:10

240405-wsd7vaaf8v 8

05-04-2024 18:10

240405-wr4fcabc25 8

05-04-2024 18:09

240405-wrkcgaaf6s 8

05-04-2024 18:08

240405-wrcydsbb88 8

05-04-2024 17:10

240405-vp2cjaab76 8

General

  • Target

    https://webshell.suite.office.com/iframe/TokenFactoryIframe?origin=https://outlook.office365.com&shsid=7720b54e-811e-4120-ae65-d26ac16ca6d5&apiver=oneshell&cshver=1.20240208.12.0&[email protected]

  • Sample

    240405-vp2cjaab76

Targets

    • Target

      https://webshell.suite.office.com/iframe/TokenFactoryIframe?origin=https://outlook.office365.com&shsid=7720b54e-811e-4120-ae65-d26ac16ca6d5&apiver=oneshell&cshver=1.20240208.12.0&[email protected]

    • Changes its process name

    • Reads user data of web browsers

      Reads stored browser data which can include saved credentials.

    • Checks CPU configuration

      Checks CPU information which indicates if the system is a virtual machine.

    • Reads CPU attributes
