T1107: T1107
View on MITRE ATT&CK
AlienVault
· Published 20/12/2025 23:58 · Modified 27/05/2026 21:40
Essential information
- MITRE technique ID
T1107- Confidence
- 100/100
- Revoked
- No
- Published
- 20/12/2025 23:58
- Modified
- 27/05/2026 21:40
- Author / Source
- AlienVault
Description
No description.
Marking (TLP)
TLP:CLEAR
External references
Related entities
Intrusion sets, malware, reports, vulnerabilities, indicators and other entities linked to this technique.
Intrusion sets (APT) (13)
-
The MITRE Corporation Confidence 100
[Sidewinder](https://attack.mitre.org/groups/G0121) is a suspected Indian threat actor group that has been active since at least 2012. They have been observed targeting government, military, and business entities throughout Asia,…
First seen 01/01/1970 · Last seen 16/11/5138 ·
Malware (48)
-
NETWIRE - S0198 usesFamily
-
UpdateDll usesFamily
-
MacMa - S1016 usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
EKANS - S0605 usesFamily
-
Grandoreiro - S0531 usesFamily
-
SmokeLoader usesFamily
-
Ozone RAT usesFamily
-
MgBot usesFamily
-
DarkTrack usesFamily
-
Client.exe usesFamily
-
HeadLace usesFamily
-
MetaStealer usesFamily
Reports (17)
-
Threat landscape — Belgium relatedConfidence 100 18 CVEs 200 MITREs 200 Malwares 20 APTs 26 Tools
-
AlienVault Confidence 100 20 MITREs 3 Malwares 15 IOCs 15 Observables
-
13 MITREs 8 Malwares 7 Observables
-
1 CVE 8 MITREs 1 Malware 6 Observables 1 APT
-
19 MITREs 2 Malwares 8 Observables 1 APT
-
20 MITREs 31 Observables
-
1 CVE 19 MITREs 5 Malwares 20 Observables 1 APT
-
9 MITREs 2 Malwares 7 Observables 1 APT
-
14 MITREs 1 Malware
-
11 MITREs 1 Malware 11 Observables
-
APT Attacks Using Cloud Storage related11 MITREs 1 Malware 1 Observable
-
8 MITREs 5 Malwares 14 Observables 1 APT
Vulnerabilities (CVE) (2)
Apple iOS, iPadOS, and macOS contain a type confusion vulnerability in the XNU which may allow a malicious application to execute code …
- Published
- 03/11/2021
- Modified
- 21/12/2025
10.0
Critical
Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges …
- Attack vector
- Network
- Published
- 12/04/2024
- Modified
- 21/12/2025