BabyShark
MITRE
Malware Type:
Other
Other
First seen:
Unknown
Unknown
Last seen:
Unknown
Unknown
Details:
[BabyShark](https://attack.mitre.org/software/S0414) is a Microsoft Visual Basic (VB) script-based malware family that is believed to be associated with several North Korean campaigns. (Citation: Unit42 BabyShark Feb 2019)
Associated Techniques (16)
| ID | ATT&CK | Tactics |
|---|---|---|
| T1012 | Query Registry | - |
| T1016 | System Network Configuration Discovery | - |
| T1033 | System Owner/User Discovery | - |
| T1053.005 | Scheduled Task | - |
| T1056.001 | Keylogging | - |
| T1057 | Process Discovery | - |
| T1059.003 | Windows Command Shell | - |
| T1059.005 | Visual Basic | - |
| T1070.004 | File Deletion | - |
| T1082 | System Information Discovery | - |
| T1083 | File and Directory Discovery | - |
| T1105 | Ingress Tool Transfer | - |
| T1132.001 | Standard Encoding | - |
| T1140 | Deobfuscate/Decode Files or Information | - |
| T1218.005 | Mshta | - |
Aliases (105)
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
LATEOP
Used by Actors (1)
Metadata
| ID: | 578 |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 16:00 |