BlackByte Ransomware
MITRE
Tipo Malware:
Other
Other
Prima attivita:
Unknown
Unknown
Ultima attivita:
Unknown
Unknown
Dettagli:
[BlackByte Ransomware](https://attack.mitre.org/software/S1180) is uniquely associated with [BlackByte](https://attack.mitre.org/groups/G1043) operations. [BlackByte Ransomware](https://attack.mitre.org/software/S1180) used a common key for infections, allowing for the creation of a universal decryptor.(Citation: Trustwave BlackByte 2021)(Citation: FBI BlackByte 2022) [BlackByte Ransomware](https://attack.mitre.org/software/S1180) was replaced in [BlackByte](https://attack.mitre.org/groups/G1043) operations by [BlackByte 2.0 Ransomware](https://attack.mitre.org/software/S1181) by 2023.(Citation: Microsoft BlackByte 2023)(Citation: Cisco BlackByte 2024)
Tecniche Associate (21)
| ID | ATT&CK | Tattiche |
|---|---|---|
| T1012 | Query Registry | - |
| T1021.002 | SMB/Windows Admin Shares | - |
| T1027.013 | Encrypted/Encoded File | - |
| T1046 | Network Service Discovery | - |
| T1053.005 | Scheduled Task | - |
| T1059.007 | JavaScript | - |
| T1082 | System Information Discovery | - |
| T1106 | Native API | - |
| T1112 | Modify Registry | - |
| T1135 | Network Share Discovery | - |
| T1140 | Deobfuscate/Decode Files or Information | - |
| T1222.001 | Windows File and Directory Permissions Modification | - |
| T1480 | Execution Guardrails | - |
| T1486 | Data Encrypted for Impact | - |
| T1490 | Inhibit System Recovery | - |
Usato da Attori (1)
Metadata
| ID: | 421 |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 16:00 |