# BlackByte 2.0 Ransomware > Tipo: **malware** · S1181 · [MITRE ATT&CK](https://attack.mitre.org/software/S1181) ## Descrição [[s1181-blackbyte-20-ransomware|BlackByte 2.0 Ransomware]] é um substituto do [[s1180-blackbyte-ransomware|BlackByte Ransomware]]. Ao contrário do [[s1180-blackbyte-ransomware|BlackByte Ransomware]], o [[s1181-blackbyte-20-ransomware|BlackByte 2.0 Ransomware]] não possui uma chave comum para descriptografia das vítimas. [[s1181-blackbyte-20-ransomware|BlackByte 2.0 Ransomware]] permanece exclusivamente associado às operações do [[g1043-blackbyte|BlackByte]]. **Plataformas:** Windows ## Técnicas Utilizadas - [[t1070-006-timestomp|T1070.006 - Timestomp]] - [[t1562-004-disable-or-modify-system-firewall|T1562.004 - Disable or Modify System Firewall]] - [[t1112-modify-registry|T1112 - Modify Registry]] - [[t1486-data-encrypted-for-impact|T1486 - Data Encrypted for Impact]] - [[t1490-inhibit-system-recovery|T1490 - Inhibit System Recovery]] - [[t1068-exploitation-for-privilege-escalation|T1068 - Exploitation for Privilege Escalation]] - [[t1135-network-share-discovery|T1135 - Network Share Discovery]] - [[t1489-service-stop|T1489 - Service Stop]] - [[t1070-004-file-deletion|T1070.004 - File Deletion]] - [[t1569-002-service-execution|T1569.002 - Service Execution]] - [[t1055-process-injection|T1055 - Process Injection]] ## Grupos que Usam - [[g1043-blackbyte|BlackByte]] ## Referências - [MITRE ATT&CK - S1181](https://attack.mitre.org/software/S1181)