# Mongall > Tipo: **malware** · S1026 · [MITRE ATT&CK](https://attack.mitre.org/software/S1026) ## Descrição [[s1026-mongall|Mongall]] é um backdoor em uso desde pelo menos 2013, incluindo pelo [[g1007-aoqin-dragon|Aoqin Dragon]]. **Plataformas:** Windows ## Técnicas Utilizadas - [[t1071-001-web-protocols|T1071.001 - Web Protocols]] - [[t1140-deobfuscatedecode-files-or-information|T1140 - Deobfuscaté/Decode Files or Information]] - [[t1204-002-malicious-file|T1204.002 - Malicious File]] - [[t1120-peripheral-device-discovery|T1120 - Peripheral Device Discovery]] - [[t1680-local-storage-discovery|T1680 - Local Storage Discovery]] - [[t1573-001-symmetric-cryptography|T1573.001 - Symmetric Cryptography]] - [[t1218-011-rundll32|T1218.011 - Rundll32]] - [[t1005-data-from-local-system|T1005 - Data from Local System]] - [[t1132-001-standard-encoding|T1132.001 - Standard Encoding]] - [[t1105-ingress-tool-transfer|T1105 - Ingress Tool Transfer]] - [[t1041-exfiltration-over-c2-channel|T1041 - Exfiltration Over C2 Channel]] - [[t1055-001-dynamic-link-library-injection|T1055.001 - Dynamic-link Library Injection]] - [[t1082-system-information-discovery|T1082 - System Information Discovery]] - [[t1027-002-software-packing|T1027.002 - Software Packing]] - [[t1547-001-registry-run-keys-startup-folder|T1547.001 - Registry Run Keys / Startup Folder]] ## Grupos que Usam - [[g1007-aoqin-dragon|Aoqin Dragon]] ## Referências - [MITRE ATT&CK - S1026](https://attack.mitre.org/software/S1026)