Exbyte

MITRE

Malware Type:
Other

First seen:
Unknown

Last seen:
Unknown

Details:

[Exbyte](https://attack.mitre.org/software/S1179) is an exfiltration tool written in Go that is uniquely associated with [BlackByte](https://attack.mitre.org/groups/G1043) operations. Observed since 2022, [Exbyte](https://attack.mitre.org/software/S1179) transfers collected files to online file sharing and hosting services.(Citation: Symantec BlackByte 2022)

Associated Techniques (9)

ID	ATT&CK	Tactics
T1069.001	Local Groups	-
T1070.004	File Deletion	-
T1083	File and Directory Discovery	-
T1106	Native API	-
T1140	Deobfuscate/Decode Files or Information	-
T1480	Execution Guardrails	-
T1497.001	System Checks	-
T1518.001	Security Software Discovery	-
T1567	Exfiltration Over Web Service	-

Used by Actors (1)

BlackByte
Unknown

Metadata

ID:	289
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00