# CosmicDuke > Tipo: **malware** · S0050 · [MITRE ATT&CK](https://attack.mitre.org/software/S0050) ## Descrição [[s0050-cosmicduke|CosmicDuke]] é um malware utilizado pelo [[g0016-apt29|APT29]] entre 2010 e 2015. **Plataformas:** Windows ## Técnicas Utilizadas - [[t1543-003-windows-service|T1543.003 - Windows Service]] - [[t1003-004-lsa-secrets|T1003.004 - LSA Secrets]] - [[t1048-003-exfiltration-over-unencrypted-non-c2-protocol|T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol]] - [[t1039-data-from-network-shared-drive|T1039 - Data from Network Shared Drive]] - [[t1555-credentials-from-password-stores|T1555 - Credentials from Password Stores]] - [[t1083-file-and-directory-discovery|T1083 - File and Directory Discovery]] - [[t1555-003-credentials-from-web-browsers|T1555.003 - Credentials from Web Browsers]] - [[t1068-exploitation-for-privilege-escalation|T1068 - Exploitation for Privilege Escalation]] - [[t1115-clipboard-data|T1115 - Clipboard Data]] - [[t1056-001-keylogging|T1056.001 - Keylogging]] - [[t1113-screen-capture|T1113 - Screen Capture]] - [[t1071-001-web-protocols|T1071.001 - Web Protocols]] - [[t1114-001-local-email-collection|T1114.001 - Local Email Collection]] - [[t1003-002-security-account-manager|T1003.002 - Security Account Manager]] - [[t1020-automated-exfiltration|T1020 - Automated Exfiltration]] ## Grupos que Usam - [[g0016-apt29|APT29]] ## Referências - [MITRE ATT&CK - S0050](https://attack.mitre.org/software/S0050)