T1193: T1193

Search IOCs, vulnerabilities, APT…

216.73.216.233

← Back to attack patterns

View on MITRE ATT&CK AlienVault · Published 20/12/2025 19:35 · Modified 27/05/2026 15:52

Essential information

MITRE technique ID: T1193
Confidence: 100/100
Revoked: No
Published: 20/12/2025 19:35
Modified: 27/05/2026 15:52
Author / Source: AlienVault

Description

No description.

Marking (TLP)

TLP:GREEN

External references

mitre-attack (T1193)

Related entities

Intrusion sets, malware, reports, vulnerabilities, indicators and other entities linked to this technique.

Intrusion sets (APT) (26)

Kimsuky uses Black BansheeVelvet Chollima

The MITRE Corporation Confidence 100

[Kimsuky](https://attack.mitre.org/groups/G0094) is a North Korea-based cyber espionage group that has been active since at least 2012. The group initially targeted South Korean government agencies, think tanks, and subject-matter…

First seen 01/01/1970 · Last seen 16/11/5138 ·
TA406 uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
Eugenfest uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
TA428 uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
Monster Libra uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
GreenSpot uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
Core Werewolf uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
RedCurl uses

The MITRE Corporation Confidence 100

[RedCurl](https://attack.mitre.org/groups/G1039) is a threat actor active since 2018 notable for corporate espionage targeting a variety of locations, including Ukraine, Canada and the United Kingdom, and a variety of…

First seen 01/01/1970 · Last seen 16/11/5138 ·
Tonto Team uses Earth AkhlutBRONZE HUNTLEY

The MITRE Corporation Confidence 100

[Tonto Team](https://attack.mitre.org/groups/G0131) is a suspected Chinese state-sponsored cyber espionage threat group that has primarily targeted South Korea, Japan, Taiwan, and the United States since at least 2009; by…

First seen 01/01/1970 · Last seen 16/11/5138 ·
APT37 uses InkySquidGroup123

The MITRE Corporation Confidence 100

[APT37](https://attack.mitre.org/groups/G0067) is a North Korean state-sponsored cyber espionage group that has been active since at least 2012. The group has targeted victims primarily in South Korea, but also…

First seen 01/01/1970 · Last seen 16/11/5138 ·
Phorpiex uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
Void Arachne uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·

← Previous

Page / 3

1–12 of 26

XWorm uses

Family
AndeLoader uses

Family
FakeBat uses

Family
MuddyC2Go uses

Family
SPECTR uses

Family
procburner uses
CotSam uses
Cotx uses
VineThorn uses
SmokeLoader uses

Family
TacticalRMM uses

Family
Emotet uses

← Previous

Page / 8

1–12 of 87

Threat landscape — Belgium related

Confidence 100 18 CVEs 200 MITREs 200 Malwares 20 APTs 26 Tools
Threat landscape — insurance related

Confidence 100 199 MITREs 11 APTs
Security brief: tax scams aim to steal funds … related

AlienVault Confidence 100 15 MITREs 2 Malwares 15 IOCs 15 Observables
A cunning predator: How Silver Fox preys on … related

16 MITREs 1 Malware 14 Observables 1 APT
Fake Dropbox Phishing Campaign via PDF and Cloud … related

10 MITREs 2 Observables
Crossed wires: a case study of Iranian espionage … related

16 MITREs 55 Observables 1 APT
Operation SouthNet: SideWinder Expands Phishing and Malware Operations … related

21 MITREs 4 Malwares 1 APT
August 2025 Trends Report on Phishing Emails related

1 CVE 9 MITREs 1 Malware 4 Observables
Cybercriminals Abuse AI Website Creation App For Phishing related

2 MITREs 3 Malwares
Microsoft 365 Direct Send Abuse: Phishing Risks & … related

7 MITREs 27 Observables
Emerging Phishing Techniques: New Threats and Attack Vectors related

4 MITREs
March 2025 Trends Report on Phishing Emails related

13 MITREs 2 Malwares

← Previous

Page / 3

1–12 of 26

Vulnerabilities (CVE) (5)

CVE-2019-16098 targets

7.8 High

The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, …

Attack vector: LOCAL
Published: 11/09/2019
Modified: 20/12/2025

CVE-2018-0798 KEV targets

Microsoft Office contains a memory corruption vulnerability due to the way objects are handled in memory. Successful exploitation allows for remote code …

Published: 03/11/2021
Modified: 27/05/2026

CVE-2017-11882 KEV targets

7.8 High

Microsoft Office contains a memory corruption vulnerability that allows remote code execution in the context of the current user.

Attack vector: Local
Complexity: Low
Published: 15/11/2017
Modified: 29/05/2026

CWE-119

CVE-2017-0199 KEV targets

7.8 High

Microsoft Office and WordPad contain an unspecified vulnerability due to the way the applications parse specially crafted files. Successful exploitation allows for …

Attack vector: LOCAL
Complexity: LOW
Published: 12/04/2017
Modified: 22/04/2026

CVE-2021-40444 KEV targets

Microsoft MSHTML contains a unspecified vulnerability that allows for remote code execution.

Published: 03/11/2021
Modified: 27/05/2026

Contact About Legal notice Privacy policy Terms of use

T1193: T1193

Essential information

Description

Marking (TLP)

External references

Related entities

Intrusion sets (APT) (26)

Malware (87)

Reports (26)

Vulnerabilities (CVE) (5)