Sword

Description

This family of malware provides a backdoor over the network to the attackers. It is configured to connect to a single host and offers file download over HTTP, program execution, and arbitrary execution of commands through a cmd.exe instance.

Names

Name
Sword

Category

Malware

Type

• Backdoor
• Exfiltration
• Tunneling

Information

• https://citizenlab.ca/2013/02/apt1s-glasses-watching-a-human-rights-organization/
• http://contagiodump.blogspot.com/2013/03/mandiant-apt1-samples-categorized-by.html

Malpedia

• https://malpedia.caad.fkie.fraunhofer.de/details/win.sword

Other Information

Uuid

cf43eaf3-c6e8-4f75-bae6-4566ac3f5119

Last Card Change

2020-04-23