# Daserf > Tipo: **malware** · S0187 · [MITRE ATT&CK](https://attack.mitre.org/software/S0187) ## Descrição [[s0187-daserf|Daserf]] é um backdoor utilizado para espionagem e roubo de dados de vítimas jáponesas, sul-coreanas, russas, singapurenses e chinesas. Pesquisadores identificaram versões escritas tanto em Visual C quanto em Delphi. **Plataformas:** Windows ## Técnicas Utilizadas - [[t1059-003-windows-command-shell|T1059.003 - Windows Command Shell]] - [[t1553-002-code-signing|T1553.002 - Code Signing]] - [[t1105-ingress-tool-transfer|T1105 - Ingress Tool Transfer]] - [[t1027-002-software-packing|T1027.002 - Software Packing]] - [[t1132-001-standard-encoding|T1132.001 - Standard Encoding]] - [[t1560-001-archive-via-utility|T1560.001 - Archive via Utility]] - [[t1113-screen-capture|T1113 - Screen Capture]] - [[t1027-obfuscated-files-or-information|T1027 - Obfuscated Files or Information]] - [[t1001-002-steganography|T1001.002 - Steganography]] - [[t1573-001-symmetric-cryptography|T1573.001 - Symmetric Cryptography]] - [[t1036-005-match-legitimate-resource-name-or-location|T1036.005 - Match Legitimaté Resource Name or Location]] - [[t1056-001-keylogging|T1056.001 - Keylogging]] - [[t1071-001-web-protocols|T1071.001 - Web Protocols]] - [[t1003-001-lsass-memory|T1003.001 - LSASS Memory]] - [[t1560-archive-collected-data|T1560 - Archive Collected Data]] ## Grupos que Usam - [[g0060-bronze-butler|BRONZE BUTLER]] ## Referências - [MITRE ATT&CK - S0187](https://attack.mitre.org/software/S0187)