T1503: T1503
Essential information
- MITRE technique ID
- T1503
- Confidence
- 100/100
- Revoked
- No
- Published
- 20/12/2025 19:43
- Modified
- 27/05/2026 21:40
- Author / Source
- AlienVault
Description
No description.
Marking (TLP)
TLP:CLEAR
External references
Related entities
Intrusion sets, malware, reports, vulnerabilities, indicators and other entities linked to this technique.
Intrusion sets (APT) (7)
- Haskers Gang uses · AlienVault · Confidence 100 · First seen 01/01/1970 · Last seen 16/11/5138
- The MITRE Corporation · Confidence 100
  [Kimsuky](https://attack.mitre.org/groups/G0094) is a North Korea-based cyber espionage group that has been active since at least 2012. The group initially targeted South Korean government agencies, think tanks, and subject-matter…
  First seen 01/01/1970 · Last seen 16/11/5138
- APT 28 uses · AlienVault · Confidence 100 · First seen 01/01/1970 · Last seen 16/11/5138
- Earth Longzhi uses · AlienVault · Confidence 100 · First seen 01/01/1970 · Last seen 16/11/5138
- The MITRE Corporation · Confidence 100
  [APT37](https://attack.mitre.org/groups/G0067) is a North Korean state-sponsored cyber espionage group that has been active since at least 2012. The group has targeted victims primarily in South Korea, but also…
  First seen 01/01/1970 · Last seen 16/11/5138
- The MITRE Corporation · Confidence 100
  [Sidewinder](https://attack.mitre.org/groups/G0121) is a suspected Indian threat actor group that has been active since at least 2012. They have been observed targeting government, military, and business entities throughout Asia,…
  First seen 01/01/1970 · Last seen 16/11/5138
- The MITRE Corporation · Confidence 100
  [Volt Typhoon](https://attack.mitre.org/groups/G1017) is a People's Republic of China (PRC) state-sponsored actor that has been active since at least 2021 primarily targeting critical infrastructure organizations in the US and…
  First seen 01/01/1970 · Last seen 16/11/5138
Malware (32)
- AblyGo uses
- STEELHOOK uses
- avburner uses
- PandorahVNC uses · Family
- OCEANMAP uses
- DUCKTAIL uses · AlienVault · Confidence 100 · First seen 01/01/1970 · Last seen 16/11/5138
- smbexec uses
- MASEPIE uses
- Impacket uses · Family
- AsyncRAT uses · Family
- DarkGate uses · Family
- ExtremeVNC uses
Reports (2)
- 5 MITREs · 1 Malware · 28 Observables
- 6 MITREs · 1 Malware · 32 Observables
Vulnerabilities (CVE) (3)
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An …
- Published
- 14/06/2022
- Modified
- 27/05/2026
Android Kernel contains a use-after-free vulnerability in binder.c that allows for privilege escalation from an application to the Linux Kernel. This vulnerability …
- Published
- 03/11/2021
- Modified
- 20/12/2025
The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, …
- Attack vector
- LOCAL
- Published
- 11/09/2019
- Modified
- 20/12/2025