# BlackByte Ransomware > Tipo: **malware** · S1180 · [MITRE ATT&CK](https://attack.mitre.org/software/S1180) ## Descrição [[s1180-blackbyte-ransomware|BlackByte Ransomware]] está exclusivamente associado às operações do [[g1043-blackbyte|BlackByte]]. O [[s1180-blackbyte-ransomware|BlackByte Ransomware]] usava uma chave comum para infecções, permitindo a criação de um descriptografador universal. O [[s1180-blackbyte-ransomware|BlackByte Ransomware]] foi substituído nas operações do [[g1043-blackbyte|BlackByte]] pelo [[s1181-blackbyte-20-ransomware|BlackByte 2.0 Ransomware]] até 2023. **Plataformas:** Windows ## Técnicas Utilizadas - [[t1135-network-share-discovery|T1135 - Network Share Discovery]] - [[t1486-data-encrypted-for-impact|T1486 - Data Encrypted for Impact]] - [[t1012-query-registry|T1012 - Query Registry]] - [[t1059-007-javascript|T1059.007 - JavaScript]] - [[t1570-lateral-tool-transfer|T1570 - Lateral Tool Transfer]] - [[t1082-system-information-discovery|T1082 - System Information Discovery]] - [[t1053-005-scheduled-task|T1053.005 - Scheduled Task]] - [[t1490-inhibit-system-recovery|T1490 - Inhibit System Recovery]] - [[t1046-network-service-discovery|T1046 - Network Service Discovery]] - [[t1027-013-encryptedencoded-file|T1027.013 - Encrypted/Encoded File]] - [[t1562-010-downgrade-attack|T1562.010 - Downgrade Attack]] - [[t1106-native-api|T1106 - Native API]] - [[t1222-001-windows-file-and-directory-permissions-modification|T1222.001 - Windows File and Directory Permissions Modification]] - [[t1112-modify-registry|T1112 - Modify Registry]] - [[t1480-execution-guardrails|T1480 - Execution Guardrails]] ## Grupos que Usam - [[g1043-blackbyte|BlackByte]] ## Referências - [MITRE ATT&CK - S1180](https://attack.mitre.org/software/S1180)