T1059.006: T1059.006
Essential information
- MITRE technique ID
T1059.006- Confidence
- 100/100
- Revoked
- No
- Published
- 09/03/2020 15:38
- Modified
- 27/03/2026 01:11
- Author / Source
- The MITRE Corporation
Aliases
Python
Platforms
windows macos linux ESXi
Description
Kill chain phases
| Kill chain | Phase |
|---|---|
| mitre-attack | execution |
Marking (TLP)
TLP:CLEAR Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.
External references
Related entities
Intrusion sets, malware, reports, vulnerabilities, indicators and other entities linked to this technique.
Intrusion sets (APT) (55)
-
SVF Team relatedAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
The MITRE Corporation Confidence 100
[Star Blizzard](https://attack.mitre.org/groups/G1033) is a cyber espionage and influence group originating in Russia that has been active since at least 2019. [Star Blizzard](https://attack.mitre.org/groups/G1033) campaigns align closely with Russian state…
First seen 01/01/1970 · Last seen 16/11/5138 · -
StormBamboo relatedAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
Sukob relatedAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
TA415 relatedAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
TA4557/FIN6 relatedAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
TeamPCP relatedAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
Malware (79)
-
VenomRAT usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
redux-ace usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
RELOADEXT usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
Pyramid C2 usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
DownTroy usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
UPSTYLE usesFamily The MITRE Corporation Confidence 100
[UPSTYLE](https://attack.mitre.org/software/S1164) is a Python-based backdoor associated with exploitation of Palo Alto firewalls using CVE-2024-3400 in early 2024. [UPSTYLE](https://attack.mitre.org/software/S1164) has only been observed in relation to this exploitation activity,…
First seen 01/01/1970 · Last seen 16/11/5138 · -
graphflux usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
SUNSPINNER usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
Rhadamanthys usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
Kryptina usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
RustDoor usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
AGENTPSD usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
Reports (50)
-
AlienVault Confidence 100 20 MITREs 1 Malware 17 IOCs 4 Observables
-
AlienVault Confidence 100 19 MITREs 2 Malwares 1 IOC 1 Observable 1 APT
-
AlienVault Confidence 100 19 MITREs 3 Malwares 4 IOCs 1 APT
-
AlienVault Confidence 100 21 MITREs 1 Malware 2 IOCs 1 APT
-
AlienVault Confidence 100 15 MITREs 2 IOCs 2 Observables
-
AlienVault Confidence 100 19 MITREs 3 Malwares 2 IOCs 2 Observables
-
20 MITREs 4 Malwares 18 Observables 1 APT
-
19 MITREs 3 Malwares 32 Observables 1 APT
-
AlienVault Confidence 100 5 CVEs 20 MITREs 2 Malwares 18 IOCs 18 Observables
-
AlienVault Confidence 100 19 MITREs 32 IOCs 32 Observables 1 APT
-
Threat landscape — Belgium relatedConfidence 100 18 CVEs 200 MITREs 200 Malwares 20 APTs 26 Tools
-
Threat landscape — insurance relatedConfidence 100 199 MITREs 11 APTs
Vulnerabilities (CVE) (49)
Realtek SDK contains an improper input validation vulnerability in the miniigd SOAP service that allows remote attackers to execute malicious code via …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 01/05/2015
- Modified
- 22/04/2026
Course Of Action (1)
-
Audit mitigates
Tool (1)
-
Pupy usesThe MITRE Corporation Confidence 100
[Pupy](https://attack.mitre.org/software/S0192) is an open source, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool. (Citation: GitHub Pupy) It is written in Python and can be generated as…