# Dok > Tipo: **malware** · S0281 · [MITRE ATT&CK](https://attack.mitre.org/software/S0281) ## Descrição [[s0281-dok|Dok]] é uma aplicação Trojan disfarçada de arquivo .zip capaz de coletar credenciais de usuários e instalar um servidor proxy malicioso para redirecionar o tráfego de rede da vítima (ou sejá, [[t1557-adversary-in-the-middle|Adversary-in-the-Middle]]). **Plataformas:** macOS ## Técnicas Utilizadas - [[t1557-adversary-in-the-middle|T1557 - Adversary-in-the-Middle]] - [[t1027-002-software-packing|T1027.002 - Software Packing]] - [[t1543-001-launch-agent|T1543.001 - Launch Agent]] - [[t1059-002-applescript|T1059.002 - AppleScript]] - [[t1222-002-linux-and-mac-file-and-directory-permissions-modification|T1222.002 - Linux and Mac File and Directory Permissions Modification]] - [[t1048-003-exfiltration-over-unencrypted-non-c2-protocol|T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol]] - [[t1553-004-install-root-certificate|T1553.004 - Install Root Certificaté]] - [[t1548-003-sudo-and-sudo-caching|T1548.003 - Sudo and Sudo Caching]] - [[t1056-002-gui-input-capture|T1056.002 - GUI Input Capture]] - [[t1090-003-multi-hop-proxy|T1090.003 - Multi-hop Proxy]] - [[t1547-015-login-items|T1547.015 - Login Items]] ## Referências - [MITRE ATT&CK - S0281](https://attack.mitre.org/software/S0281)