# Ferocious > Tipo: **malware** · S0679 · [MITRE ATT&CK](https://attack.mitre.org/software/S0679) ## Descrição [[s0679-ferocious|Ferocious]] é um implant de primeiro estágio composto por scripts VBS e PowerShell utilizado pelo grupo [[g0090-wirte|WIRTE]] desde pelo menos 2021. **Plataformas:** Windows ## Técnicas Utilizadas - [[t1059-005-visual-basic|T1059.005 - Visual Basic]] - [[t1120-peripheral-device-discovery|T1120 - Peripheral Device Discovery]] - [[t1518-001-security-software-discovery|T1518.001 - Security Software Discovery]] - [[t1546-015-component-object-model-hijacking|T1546.015 - Component Object Model Hijacking]] - [[t1059-001-powershell|T1059.001 - PowerShell]] - [[t1497-001-system-checks|T1497.001 - System Checks]] - [[t1082-system-information-discovery|T1082 - System Information Discovery]] - [[t1070-004-file-deletion|T1070.004 - File Deletion]] - [[t1112-modify-registry|T1112 - Modify Registry]] ## Grupos que Usam - [[g0090-wirte|WIRTE]] ## Referências - [MITRE ATT&CK - S0679](https://attack.mitre.org/software/S0679)