StarFish

According to IBM X-Force, this is a simple reverse shell.

StarFish is a JavaScript malware family.

Background

IBM X-Force describes StarFish as a basic reverse shell. When run, the script builds a unique victim identifier by pairing the machine's product ID with its computer name. It then contacts a hardcoded server and runs any supplied commands directly through cmd.exe, returning the output via a POST request once the command finishes or times out.


Source: Malpedia (Fraunhofer FKIE).