# CreepySnail > Tipo: **malware** · S1024 · [MITRE ATT&CK](https://attack.mitre.org/software/S1024) ## Descrição [[s1024-creepysnail|CreepySnail]] é um implant PowerShell personalizado utilizado pelo [[g1005-polonium|POLONIUM]] desde pelo menos 2022. **Plataformas:** Windows ## Técnicas Utilizadas - [[t1078-002-domain-accounts|T1078.002 - Domain Accounts]] - [[t1071-001-web-protocols|T1071.001 - Web Protocols]] - [[t1016-system-network-configuration-discovery|T1016 - System Network Configuration Discovery]] - [[t1132-001-standard-encoding|T1132.001 - Standard Encoding]] - [[t1059-001-powershell|T1059.001 - PowerShell]] - [[t1041-exfiltration-over-c2-channel|T1041 - Exfiltration Over C2 Channel]] - [[t1033-system-owneruser-discovery|T1033 - System Owner/User Discovery]] ## Grupos que Usam - [[g1005-polonium|POLONIUM]] ## Referências - [MITRE ATT&CK - S1024](https://attack.mitre.org/software/S1024)