# NanoCore > Tipo: **malware** · S0336 · [MITRE ATT&CK](https://attack.mitre.org/software/S0336) ## Descrição [[s0336-nanocore|NanoCore]] é uma ferramenta de acesso remoto modular desenvolvida em .NET que pode ser usada para espionar vítimas e roubar informações. Tem sido utilizada por atores de ameaças desde 2013. **Plataformas:** Windows ## Técnicas Utilizadas - [[t1105-ingress-tool-transfer|T1105 - Ingress Tool Transfer]] - [[t1059-003-windows-command-shell|T1059.003 - Windows Command Shell]] - [[t1016-system-network-configuration-discovery|T1016 - System Network Configuration Discovery]] - [[t1125-video-capture|T1125 - Video Capture]] - [[t1562-004-disable-or-modify-system-firewall|T1562.004 - Disable or Modify System Firewall]] - [[t1027-obfuscated-files-or-information|T1027 - Obfuscated Files or Information]] - [[t1123-audio-capture|T1123 - Audio Capture]] - [[t1059-005-visual-basic|T1059.005 - Visual Basic]] - [[t1056-001-keylogging|T1056.001 - Keylogging]] - [[t1112-modify-registry|T1112 - Modify Registry]] - [[t1573-001-symmetric-cryptography|T1573.001 - Symmetric Cryptography]] - [[t1562-001-disable-or-modify-tools|T1562.001 - Disable or Modify Tools]] - [[t1547-001-registry-run-keys-startup-folder|T1547.001 - Registry Run Keys / Startup Folder]] ## Grupos que Usam - [[g0064-apt33|APT33]] - [[g0083-silverterrier|SilverTerrier]] - [[g0078-gorgon-group|Gorgon Group]] - [[g0043-group5|Group5]] ## Referências - [MITRE ATT&CK - S0336](https://attack.mitre.org/software/S0336)