TA0004: TA0004

Search IOCs, vulnerabilities, APT…

216.73.216.6

← Back to attack patterns

View on MITRE ATT&CK AlienVault · Published 20/12/2025 19:36 · Modified 20/12/2025 22:21

Essential information

MITRE technique ID: TA0004
Confidence: 100/100
Revoked: No
Published: 20/12/2025 19:36
Modified: 20/12/2025 22:21
Author / Source: AlienVault

Description

No description.

Marking (TLP)

TLP:CLEAR

External references

mitre-attack (TA0004)

Related entities

Intrusion sets, malware, reports, vulnerabilities, indicators and other entities linked to this technique.

Intrusion sets (APT) (3)

Phobos uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
Sandworm Team uses ELECTRUMTelebots

The MITRE Corporation Confidence 100

[Sandworm Team](https://attack.mitre.org/groups/G0034) is a destructive threat group that has been attributed to Russia's General Staff Main Intelligence Directorate (GRU) Main Center for Special Technologies (GTsST) military unit 74455.(Citation:…

First seen 01/01/1970 · Last seen 16/11/5138 ·
gunra uses

AlienVault Confidence 100

No description available

First seen 01/01/1970 · Last seen 16/11/5138 ·

Malware (21)

Cobalt Strike uses

Family
BlackMoon uses
Gunra Ransomware uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
CherryLoader uses
AgentTesla uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
Linux uses

Family
Phobos uses

Family
Foxblade uses
DoNoT Loader uses

Family
Redline uses

Family
SmokeLoader uses

Family
theAgentTesla uses

← Previous

Page / 2

1–12 of 21

GUNRA RANSOMWARE: What You Don't Know! related

22 MITREs 3 Malwares 1 APT
Leaked Environment Variables Allow Large-Scale Extortion Operation of … related

2 CVEs 6 MITREs 37 Observables

Vulnerabilities (CVE) (4)

CVE-2024-3094 targets

10.0 Critical

Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma …

Attack vector: NETWORK
Published: 29/03/2024
Modified: 21/12/2025

CVE-2024-6387 targets

8.1 High

A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by …

Published: 01/07/2024
Modified: 01/07/2024

Awaiting Analysis

CVE-2022-47986 KEV targets

9.8 Critical

IBM Aspera Faspex could allow a remote attacker to execute code on the system, caused by a YAML deserialization flaw.

Attack vector: Network
Published: 21/02/2023
Modified: 21/12/2025

CVE-2023-27350 KEV targets