1. Home
  2. Software
  3. SEASHARPEE

SEASHARPEE

SEASHARPEE is a Web shell that has been used by OilRig. [1]

ID: S0185
Type: MALWARE
Platforms: Windows
Version: 2.0
Created: 16 January 2018
Last Modified: 23 April 2021
Version Permalink
Enterprise Layer
download view

Techniques Used

Domain ID Name Use
Enterprise T1059 .003 Command and Scripting Interpreter: Windows Command Shell

SEASHARPEE can execute commands on victims.[1]
Enterprise T1070 .006 Indicator Removal on Host: Timestomp

SEASHARPEE can timestomp files on victims using a Web shell.[1]
Enterprise T1105 Ingress Tool Transfer

SEASHARPEE can download remote files onto victims.[1]
Enterprise T1505 .003 Server Software Component: Web Shell

SEASHARPEE is a Web shell.[1]

Groups That Use This Software

ID Name References
G0049 OilRig

[1]

References

  1. Davis, S. and Caban, D. (2017, December 19). APT34 - New Targeted Attack in the Middle East. Retrieved December 20, 2017.