T1107: T1107
Essential information
- MITRE technique ID
T1107- Confidence
- 100/100
- Revoked
- No
- Published
- 20/12/2025 23:58
- Modified
- 27/05/2026 21:40
- Author / Source
- AlienVault
Description
No description.
Marking (TLP)
TLP:CLEAR
External references
Related entities
Intrusion sets, malware, reports, vulnerabilities, indicators and other entities linked to this technique.
Intrusion sets (APT) (13)
-
The MITRE Corporation Confidence 100
[Daggerfly](https://attack.mitre.org/groups/G1034) is a People's Republic of China-linked APT entity active since at least 2012. [Daggerfly](https://attack.mitre.org/groups/G1034) has targeted individuals, government and NGO entities, and telecommunication companies in Asia and…
First seen 01/01/1970 · Last seen 16/11/5138 · -
Fighting Ursa usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
TA578 usesThe MITRE Corporation Confidence 100
[TA578](https://attack.mitre.org/groups/G1038) is a threat actor that has used contact forms and email to initiate communications with victims and to distribute malware including [Latrodectus](https://attack.mitre.org/software/S1160), [IcedID](https://attack.mitre.org/software/S0483), and [Bumblebee](https://attack.mitre.org/software/S1039).(Citation: Latrodectus APR…
First seen 01/01/1970 · Last seen 16/11/5138 · -
Grandoreiro usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
AsyncRAT usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
The MITRE Corporation Confidence 100
[APT37](https://attack.mitre.org/groups/G0067) is a North Korean state-sponsored cyber espionage group that has been active since at least 2012. The group has targeted victims primarily in South Korea, but also…
First seen 01/01/1970 · Last seen 16/11/5138 · -
Silver Fox usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
Sticky Werewolf usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
The MITRE Corporation Confidence 100
[Kimsuky](https://attack.mitre.org/groups/G0094) is a North Korea-based cyber espionage group that has been active since at least 2012. The group initially targeted South Korean government agencies, think tanks, and subject-matter…
First seen 01/01/1970 · Last seen 16/11/5138 · -
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
Kasseika usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
SOLAR SPIDER usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
Malware (48)
-
Rhadamanthys Stealer usesFamily
-
EKANS uses
-
Vidar usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
Winver.exe usesFamily
-
NJRat usesFamily
-
JSOutProx usesFamily
-
svcmgmt.dll usesFamily
-
UDP RAT usesFamily
-
svcmgmt.exe usesFamily
-
Kimsuky usesFamily
-
Trojan.Suzafk usesFamily
-
Lumma Stealer usesFamily
Reports (17)
-
Threat landscape — Belgium relatedConfidence 100 18 CVEs 200 MITREs 200 Malwares 20 APTs 26 Tools
-
AlienVault Confidence 100 20 MITREs 3 Malwares 15 IOCs 15 Observables
-
13 MITREs 8 Malwares 7 Observables
-
1 CVE 8 MITREs 1 Malware 6 Observables 1 APT
-
19 MITREs 2 Malwares 8 Observables 1 APT
-
20 MITREs 31 Observables
-
1 CVE 19 MITREs 5 Malwares 20 Observables 1 APT
-
9 MITREs 2 Malwares 7 Observables 1 APT
-
14 MITREs 1 Malware
-
11 MITREs 1 Malware 11 Observables
-
APT Attacks Using Cloud Storage related11 MITREs 1 Malware 1 Observable
-
8 MITREs 5 Malwares 14 Observables 1 APT
Vulnerabilities (CVE) (2)
Apple iOS, iPadOS, and macOS contain a type confusion vulnerability in the XNU which may allow a malicious application to execute code …
- Published
- 03/11/2021
- Modified
- 21/12/2025
Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges …
- Attack vector
- Network
- Published
- 12/04/2024
- Modified
- 21/12/2025