T1009: T1009
Essential information
- MITRE technique ID
- T1009
- Confidence
- 100/100
- Revoked
- No
- Published
- 21/12/2025 05:10
- Modified
- 29/05/2026 12:20
- Author / Source
- AlienVault
Description
No description.
Marking (TLP)
TLP:CLEAR
External references
Related entities
Intrusion sets, malware, reports, vulnerabilities, indicators and other entities linked to this technique.
Intrusion sets (APT) (4)
- play uses · The MITRE Corporation · Confidence 100
  Initially observed in June 2022, the Play ransomware (a.k.a PlayCrypt) operates through double extortion, targeting numerous organizations in Latin America. Its Initial Access method is quite similar to…
  First seen 01/01/1970 · Last seen 16/11/5138
- The MITRE Corporation · Confidence 100
  [Magic Hound](https://attack.mitre.org/groups/G0059) is an Iranian-sponsored threat group that conducts long term, resource-intensive cyber espionage operations, likely on behalf of the Islamic Revolutionary Guard Corps. They have targeted European,…
  First seen 01/01/1970 · Last seen 16/11/5138
- The MITRE Corporation · Confidence 100
  [Daggerfly](https://attack.mitre.org/groups/G1034) is a People's Republic of China-linked APT entity active since at least 2012. [Daggerfly](https://attack.mitre.org/groups/G1034) has targeted individuals, government and NGO entities, and telecommunication companies in Asia and…
  First seen 01/01/1970 · Last seen 16/11/5138
- AlienVault · Confidence 100
  First seen 01/01/1970 · Last seen 16/11/5138
Malware (18)
- POOLRAT uses · Family
- ObjCShellz uses · Family
- MacMa uses
- Trojan.Suzafk uses · Family
- PondRAT uses · AlienVault · Confidence 100 · First seen 01/01/1970 · Last seen 16/11/5138
- BlackSmith uses · Family
- SmoothOperator uses · Family
- Comebacker uses · Family
- MacMa - S1016 uses · AlienVault · Confidence 100 · First seen 01/01/1970 · Last seen 16/11/5138
- IMEEX uses · Family
- PlayCrypt uses · Family
- OdicLoader uses · Family
Reports (7)
- Threat landscape — Belgium related · Confidence 100 · 18 CVEs · 200 MITREs · 200 Malwares · 20 APTs · 26 Tools
- 10 MITREs · 1 Malware · 9 Observables
- 20 MITREs · 10 Malwares · 58 Observables · 1 APT
- 14 MITREs · 2 Malwares · 10 Observables · 1 APT
- 7 MITREs · 2 Malwares · 4 Observables · 1 APT
- 1 CVE · 19 MITREs · 5 Malwares · 20 Observables · 1 APT
- 18 MITREs · 4 Observables
Vulnerabilities (CVE) (1)
Apple iOS, iPadOS, and macOS contain a type confusion vulnerability in the XNU which may allow a malicious application to execute code …
- Published
- 03/11/2021
- Modified
- 21/12/2025