Spark

Description

(Cybereason) The Spark backdoor allows the attackers to:

  • Collect information about the infected machine.
  • Encrypt the collected data and send it to the attackers over the HTTP protocol.
  • Download additional payloads.
  • Log keystrokes.
  • Record audio using the computer’s microphone.
  • Execute commands on the infected machine.

The creators of the Spark backdoor use a few techniques that are intended to keep the backdoor under-the-radar, including:

  • Packing the payloads with the Enigma packer.
  • Checking for antivirus and other security products using WMI.
  • Validating Arabic keyboard and language settings on the infected machine.

Names

Name
Spark

Category

Malware

Type

  • Reconnaissance
  • Backdoor
  • Keylogger
  • Info stealer
  • Downloader

Information

Mitre Attack

Malpedia

Other Information

Uuid

934e2c2c-e02e-4deb-afa4-064a1b10c29b

Last Card Change

2022-12-30