# DUSTTRAP
> Type: **malware** · S1159 · [MITRE ATT&CK](https://attack.mitre.org/software/S1159)
## Description
[[s1159-dusttrap|DUSTTRAP]] is a multi-stage plugin framework associated with [[g0096-apt41|APT41]] operations and made up of multiple components.
**Platforms:** Windows
## Techniques Used
- [[t1087-002-domain-account|T1087.002 - Domain Account]]
- [[t1012-query-registry|T1012 - Query Registry]]
- [[t1615-group-policy-discovery|T1615 - Group Policy Discovery]]
- [[t1055-process-injection|T1055 - Process Injection]]
- [[t1056-001-keylogging|T1056.001 - Keylogging]]
- [[t1070-indicator-removal|T1070 - Indicator Removal]]
- [[t1027-013-encryptedencoded-file|T1027.013 - Encrypted/Encoded File]]
- [[t1057-process-discovery|T1057 - Process Discovery]]
- [[t1087-001-local-account|T1087.001 - Local Account]]
- [[t1113-screen-capture|T1113 - Screen Capture]]
- [[t1518-001-security-software-discovery|T1518.001 - Security Software Discovery]]
- [[t1140-deobfuscatedecode-files-or-information|T1140 - Deobfuscate/Decode Files or Information]]
- [[t1105-ingress-tool-transfer|T1105 - Ingress Tool Transfer]]
- [[t1083-file-and-directory-discovery|T1083 - File and Directory Discovery]]
- [[t1005-data-from-local-system|T1005 - Data from Local System]]
## Groups That Use It
- [[g0096-apt41|APT41]]
## References
- [MITRE ATT&CK - S1159](https://attack.mitre.org/software/S1159)