# GoldenSpy > Tipo: **malware** · S0493 · [MITRE ATT&CK](https://attack.mitre.org/software/S0493) ## Descrição [[s0493-goldenspy|GoldenSpy]] é um malware backdoor embalado junto com um software legítimo de preparação de impostos. O [[s0493-goldenspy|GoldenSpy]] foi descoberto visando organizações na China, sendo entregue com o pacote de software "Intelligent Tax", produzido pelo Departamento Golden Tax da Aisino Credit Information Co. e exigido para o pagamento de impostos locais. **Plataformas:** Windows ## Técnicas Utilizadas - [[t1543-003-windows-service|T1543.003 - Windows Service]] - [[t1082-system-information-discovery|T1082 - System Information Discovery]] - [[t1136-001-local-account|T1136.001 - Local Account]] - [[t1571-non-standard-port|T1571 - Non-Standard Port]] - [[t1041-exfiltration-over-c2-channel|T1041 - Exfiltration Over C2 Channel]] - [[t1195-002-compromise-software-supply-chain|T1195.002 - Compromise Software Supply Chain]] - [[t1036-005-match-legitimate-resource-name-or-location|T1036.005 - Match Legitimaté Resource Name or Location]] - [[t1106-native-api|T1106 - Native API]] - [[t1059-003-windows-command-shell|T1059.003 - Windows Command Shell]] - [[t1083-file-and-directory-discovery|T1083 - File and Directory Discovery]] - [[t1070-004-file-deletion|T1070.004 - File Deletion]] - [[t1071-001-web-protocols|T1071.001 - Web Protocols]] - [[t1105-ingress-tool-transfer|T1105 - Ingress Tool Transfer]] - [[t1497-003-time-based-checks|T1497.003 - Time Based Checks]] - [[t1027-013-encryptedencoded-file|T1027.013 - Encrypted/Encoded File]] ## Referências - [MITRE ATT&CK - S0493](https://attack.mitre.org/software/S0493)