CHIMNEYSWEEP
MITRE
Malware Type:
Other
First activity:
Unknown
Last activity:
Unknown
Details:
[CHIMNEYSWEEP](https://attack.mitre.org/software/S1149) is a backdoor malware that was deployed during [HomeLand Justice](https://attack.mitre.org/campaigns/C0038) along with [ROADSWEEP](https://attack.mitre.org/software/S1150) ransomware, and has been used to target Farsi and Arabic speakers since at least 2012. (Citation: Mandiant ROADSWEEP August 2022)
Associated Techniques (31)
| ID | ATT&CK | Tactics |
|---|---|---|
| T1005 | Data from Local System | - |
| T1027 | Obfuscated Files or Information | - |
| T1027.001 | Binary Padding | - |
| T1027.007 | Dynamic API Resolution | - |
| T1027.009 | Embedded Payloads | - |
| T1033 | System Owner/User Discovery | - |
| T1041 | Exfiltration Over C2 Channel | - |
| T1053.005 | Scheduled Task | - |
| T1056.001 | Keylogging | - |
| T1057 | Process Discovery | - |
| T1059.001 | PowerShell | - |
| T1059.005 | Visual Basic | - |
| T1070.006 | Timestomp | - |
| T1071.001 | Web Protocols | - |
| T1074.001 | Local Data Staging | - |
Metadata
| ID: | 234 |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 16:00 |