Malware Analysis Report

2025-08-05 18:54

Sample ID 240405-vptyfshf7t
Target https://webshell.suite.office.com/iframe/TokenFactoryIframe?origin=https://outlook.office365.com&shsid=7720b54e-811e-4120-ae65-d26ac16ca6d5&apiver=oneshell&cshver=1.20240208.12.0&[email protected]
Tags
phishing
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file https://webshell.suite.office.com/iframe/TokenFactoryIframe?origin=https://outlook.office365.com&shsid=7720b54e-811e-4120-ae65-d26ac16ca6d5&apiver=oneshell&cshver=1.20240208.12.0&[email protected] was found to be: Likely malicious.

Malicious Activity Summary

phishing

A potential corporate email address has been identified in the URL: [email protected]

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-04-05 17:10

Signatures

A potential corporate email address has been identified in the URL: [email protected]

phishing

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-05 17:10

Reported

2024-04-05 17:10

Platform

android-33-x64-arm64-20240229-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A