Spaceship

Description

(FireEye) SPACESHIP searches for files with a specified set of file extensions and copies them to a removable drive. FireEye believes that SHIPSHAPE is used to copy SPACESHIP to a removable drive, which could be used to infect another victim computer, including an air-gapped computer. SPACESHIP is then used to steal documents from the air-gapped system, copying them to a removable drive inserted into the SPACESHIP-infected system.

Names

Name
Spaceship

Type

Exfiltration

Information

https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2015/05/20081935/rpt-apt30.pdf

Mitre Attack

https://attack.mitre.org/software/S0035/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.spaceship

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:spaceship

Other Information

Uuid

61a36a16-f4cb-4174-9151-7c5890c874b7

Last Card Change

2020-04-23

Threat Intelligence Garden

Explorer

Spaceship

Spaceship

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks