# TAINTEDSCRIBE > Tipo: **malware** · S0586 · [MITRE ATT&CK](https://attack.mitre.org/software/S0586) ## Descrição [[s0586-taintedscribe|TAINTEDSCRIBE]] é um implant de beacon completo integrado com módulos de comando, utilizado pelo [[g0032-lazarus-group|Lazarus Group]]. Foi reportado pela primeira vez em maio de 2020. **Plataformas:** Windows ## Técnicas Utilizadas - [[t1018-remote-system-discovery|T1018 - Remote System Discovery]] - [[t1027-001-binary-padding|T1027.001 - Binary Padding]] - [[t1070-006-timestomp|T1070.006 - Timestomp]] - [[t1083-file-and-directory-discovery|T1083 - File and Directory Discovery]] - [[t1560-archive-collected-data|T1560 - Archive Collected Data]] - [[t1057-process-discovery|T1057 - Process Discovery]] - [[t1036-005-match-legitimate-resource-name-or-location|T1036.005 - Match Legitimaté Resource Name or Location]] - [[t1547-001-registry-run-keys-startup-folder|T1547.001 - Registry Run Keys / Startup Folder]] - [[t1059-003-windows-command-shell|T1059.003 - Windows Command Shell]] - [[t1573-001-symmetric-cryptography|T1573.001 - Symmetric Cryptography]] - [[t1001-003-protocol-or-service-impersonation|T1001.003 - Protocol or Service Impersonation]] - [[t1105-ingress-tool-transfer|T1105 - Ingress Tool Transfer]] - [[t1124-system-time-discovery|T1124 - System Time Discovery]] - [[t1008-fallback-channels|T1008 - Fallback Channels]] - [[t1070-004-file-deletion|T1070.004 - File Deletion]] ## Grupos que Usam - [[g0032-lazarus-group|Lazarus Group]] ## Referências - [MITRE ATT&CK - S0586](https://attack.mitre.org/software/S0586)