# ROADSWEEP

> Type: **malware** · S1150 · [MITRE ATT&CK](https://attack.mitre.org/software/S1150)

## Description

[[s1150-roadsweep|ROADSWEEP]] is ransomware deployed against Albanian government networks during the [[homeland-justice|HomeLand Justice]] operation, alongside the [[s1149-chimneysweep|CHIMNEYSWEEP]] backdoor.

**Platforms:** Windows

## Techniques Used

- [[t1070-004-file-deletion|T1070.004 - File Deletion]]
- [[t1027-013-encryptedencoded-file|T1027.013 - Encrypted/Encoded File]]
- [[t1553-002-code-signing|T1553.002 - Code Signing]]
- [[t1559-inter-process-communication|T1559 - Inter-Process Communication]]
- [[t1486-data-encrypted-for-impact|T1486 - Data Encrypted for Impact]]
- [[t1491-001-internal-defacement|T1491.001 - Internal Defacement]]
- [[t1140-deobfuscatedecode-files-or-information|T1140 - Deobfuscate/Decode Files or Information]]
- [[t1547-001-registry-run-keys-startup-folder|T1547.001 - Registry Run Keys / Startup Folder]]
- [[t1680-local-storage-discovery|T1680 - Local Storage Discovery]]
- [[t1120-peripheral-device-discovery|T1120 - Peripheral Device Discovery]]
- [[t1489-service-stop|T1489 - Service Stop]]
- [[t1480-execution-guardrails|T1480 - Execution Guardrails]]
- [[t1083-file-and-directory-discovery|T1083 - File and Directory Discovery]]
- [[t1490-inhibit-system-recovery|T1490 - Inhibit System Recovery]]
- [[t1059-003-windows-command-shell|T1059.003 - Windows Command Shell]]

## References

- [MITRE ATT&CK - S1150](https://attack.mitre.org/software/S1150)