# Cardinal RAT > Tipo: **malware** · S0348 · [MITRE ATT&CK](https://attack.mitre.org/software/S0348) ## Descrição [[s0348-cardinal-rat|Cardinal RAT]] é uma ferramenta de acesso remoto (RAT) potencialmente de baixo volume observada desde dezembro de 2015. [[s0348-cardinal-rat|Cardinal RAT]] é notável pelo seu uso incomum de código-fonte C# não compilado e do compilador embutido csc.exe do Microsoft Windows. **Plataformas:** Windows ## Técnicas Utilizadas - [[t1059-003-windows-command-shell|T1059.003 - Windows Command Shell]] - [[t1105-ingress-tool-transfer|T1105 - Ingress Tool Transfer]] - [[t1083-file-and-directory-discovery|T1083 - File and Directory Discovery]] - [[t1033-system-owneruser-discovery|T1033 - System Owner/User Discovery]] - [[t1056-001-keylogging|T1056.001 - Keylogging]] - [[t1573-001-symmetric-cryptography|T1573.001 - Symmetric Cryptography]] - [[t1204-002-malicious-file|T1204.002 - Malicious File]] - [[t1560-002-archive-via-library|T1560.002 - Archive via Library]] - [[t1012-query-registry|T1012 - Query Registry]] - [[t1027-004-compile-after-delivery|T1027.004 - Compile After Delivery]] - [[t1090-proxy|T1090 - Proxy]] - [[t1055-process-injection|T1055 - Process Injection]] - [[t1070-004-file-deletion|T1070.004 - File Deletion]] - [[t1140-deobfuscatedecode-files-or-information|T1140 - Deobfuscaté/Decode Files or Information]] - [[t1082-system-information-discovery|T1082 - System Information Discovery]] ## Referências - [MITRE ATT&CK - S0348](https://attack.mitre.org/software/S0348)