# BoomBox > Tipo: **malware** · S0635 · [MITRE ATT&CK](https://attack.mitre.org/software/S0635) ## Descrição [[s0635-boombox|BoomBox]] é um downloader responsável pela execução de componentes de próxima fase que foi utilizado pelo [[g0016-apt29|APT29]] desde pelo menos 2021. **Plataformas:** Windows ## Técnicas Utilizadas - [[t1218-011-rundll32|T1218.011 - Rundll32]] - [[t1105-ingress-tool-transfer|T1105 - Ingress Tool Transfer]] - [[t1140-deobfuscatedecode-files-or-information|T1140 - Deobfuscaté/Decode Files or Information]] - [[t1102-web-service|T1102 - Web Service]] - [[t1087-002-domain-account|T1087.002 - Domain Account]] - [[t1071-001-web-protocols|T1071.001 - Web Protocols]] - [[t1204-002-malicious-file|T1204.002 - Malicious File]] - [[t1082-system-information-discovery|T1082 - System Information Discovery]] - [[t1083-file-and-directory-discovery|T1083 - File and Directory Discovery]] - [[t1036-masquerading|T1036 - Masquerading]] - [[t1480-execution-guardrails|T1480 - Execution Guardrails]] - [[t1547-001-registry-run-keys-startup-folder|T1547.001 - Registry Run Keys / Startup Folder]] - [[t1033-system-owneruser-discovery|T1033 - System Owner/User Discovery]] - [[t1567-002-exfiltration-to-cloud-storage|T1567.002 - Exfiltration to Cloud Storage]] - [[t1087-003-email-account|T1087.003 - Email Account]] ## Grupos que Usam - [[g0016-apt29|APT29]] ## Referências - [MITRE ATT&CK - S0635](https://attack.mitre.org/software/S0635)