# DEADEYE > Tipo: **malware** · S1052 · [MITRE ATT&CK](https://attack.mitre.org/software/S1052) ## Descrição [[s1052-deadeye|DEADEYE]] é um launcher de malware utilizado pelo [[g0096-apt41|APT41]] desde pelo menos maio de 2021. O [[s1052-deadeye|DEADEYE]] possui variantes capazes de incorporar um payload dentro de um binário compilado (DEADEYE.EMBED) ou anexá-lo ao final de um arquivo (DEADEYE.APPEND). **Plataformas:** Windows ## Técnicas Utilizadas - [[t1027-013-encryptedencoded-file|T1027.013 - Encrypted/Encoded File]] - [[t1480-execution-guardrails|T1480 - Execution Guardrails]] - [[t1218-007-msiexec|T1218.007 - Msiexec]] - [[t1082-system-information-discovery|T1082 - System Information Discovery]] - [[t1027-009-embedded-payloads|T1027.009 - Embedded Payloads]] - [[t1106-native-api|T1106 - Native API]] - [[t1218-011-rundll32|T1218.011 - Rundll32]] - [[t1059-003-windows-command-shell|T1059.003 - Windows Command Shell]] - [[t1140-deobfuscatedecode-files-or-information|T1140 - Deobfuscaté/Decode Files or Information]] - [[t1016-system-network-configuration-discovery|T1016 - System Network Configuration Discovery]] - [[t1036-004-masquerade-task-or-service|T1036.004 - Masquerade Task or Service]] - [[t1564-004-ntfs-file-attributes|T1564.004 - NTFS File Attributes]] ## Referências - [MITRE ATT&CK - S1052](https://attack.mitre.org/software/S1052)