Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 22:48:49 UTC
Home > List all groups > List all tools > List all groups using tool Safe
 Tool: Safe
Names Safe
Category Malware
Type Backdoor, Info stealer, Exfiltration
Description
(Trend Micro) Opening the malicious document on a system running a vulnerable version of
Microsoft Office opens the decoy document for the user to view. Note though that this also
drops malicious files onto the system that allows the attackers to take control of it. After the
initial compromise, the attackers may then steal files from the compromised system.
Information
<https://paper.seebug.org/papers/APT/APT_CyberCriminal_Campagin/2013/Safe-a-targeted-threat.pdf>
Last change to this tool card: 20 April 2020
Download this tool card in JSON format
All groups using tool Safe
Changed Name Country Observed
APT groups
  Safe 2013  
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=5b8c6be9-25b3-4bea-98c5-53507e1b6887
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=5b8c6be9-25b3-4bea-98c5-53507e1b6887
Page 1 of 1