# PUNCHBUGGY > Tipo: **malware** · S0196 · [MITRE ATT&CK](https://attack.mitre.org/software/S0196) ## Descrição [[s0196-punchbuggy|PUNCHBUGGY]] é um malware backdoor utilizado pelo [[g0061-fin8|FIN8]], observado em ataques direcionados a redes de ponto de venda (PoS) no setor de hospitalidade. **Plataformas:** Windows ## Técnicas Utilizadas - [[t1059-006-python|T1059.006 - Python]] - [[t1218-011-rundll32|T1218.011 - Rundll32]] - [[t1546-009-appcert-dlls|T1546.009 - AppCert DLLs]] - [[t1129-shared-modules|T1129 - Shared Modules]] - [[t1087-001-local-account|T1087.001 - Local Account]] - [[t1518-001-security-software-discovery|T1518.001 - Security Software Discovery]] - [[t1547-001-registry-run-keys-startup-folder|T1547.001 - Registry Run Keys / Startup Folder]] - [[t1036-005-match-legitimate-resource-name-or-location|T1036.005 - Match Legitimaté Resource Name or Location]] - [[t1560-001-archive-via-utility|T1560.001 - Archive via Utility]] - [[t1059-001-powershell|T1059.001 - PowerShell]] - [[t1105-ingress-tool-transfer|T1105 - Ingress Tool Transfer]] - [[t1074-001-local-data-staging|T1074.001 - Local Data Staging]] - [[t1071-001-web-protocols|T1071.001 - Web Protocols]] - [[t1140-deobfuscatedecode-files-or-information|T1140 - Deobfuscaté/Decode Files or Information]] - [[t1070-004-file-deletion|T1070.004 - File Deletion]] ## Grupos que Usam - [[g0061-fin8|FIN8]] ## Referências - [MITRE ATT&CK - S0196](https://attack.mitre.org/software/S0196)