# Bad Rabbit > Tipo: **malware** · S0606 · [MITRE ATT&CK](https://attack.mitre.org/software/S0606) ## Descrição [[s0606-bad-rabbit|Bad Rabbit]] é um ransomware autopropagável que afetou o setor de transportes ucraniano em 2017. [[s0606-bad-rabbit|Bad Rabbit]] também teve como alvo organizações e consumidores na Rússia. **Plataformas:** Windows ## Técnicas Utilizadas - [[t1486-data-encrypted-for-impact|T1486 - Data Encrypted for Impact]] - [[t1110-003-password-spraying|T1110.003 - Password Spraying]] - [[t1495-firmware-corruption|T1495 - Firmware Corruption]] - [[t1569-002-service-execution|T1569.002 - Service Execution]] - [[t1053-005-scheduled-task|T1053.005 - Scheduled Task]] - [[t1036-005-match-legitimate-resource-name-or-location|T1036.005 - Match Legitimaté Resource Name or Location]] - [[t1189-drive-by-compromise|T1189 - Drive-by Compromise]] - [[t1003-001-lsass-memory|T1003.001 - LSASS Memory]] - [[t1548-002-bypass-user-account-control|T1548.002 - Bypass User Account Control]] - [[t1057-process-discovery|T1057 - Process Discovery]] - [[t1135-network-share-discovery|T1135 - Network Share Discovery]] - [[t1210-exploitation-of-remote-services|T1210 - Exploitation of Remote Services]] - [[t1218-011-rundll32|T1218.011 - Rundll32]] - [[t1204-002-malicious-file|T1204.002 - Malicious File]] - [[t1106-native-api|T1106 - Native API]] ## Grupos que Usam - [[g0034-sandworm|Sandworm Team]] ## Referências - [MITRE ATT&CK - S0606](https://attack.mitre.org/software/S0606)