TA0007: TA0007

Search IOCs, vulnerabilities, APT…

216.73.216.233

← Back to attack patterns

View on MITRE ATT&CK AlienVault · Published 20/12/2025 19:36 · Modified 20/12/2025 22:39

Essential information

MITRE technique ID: TA0007
Confidence: 100/100
Revoked: No
Published: 20/12/2025 19:36
Modified: 20/12/2025 22:39
Author / Source: AlienVault

Description

No description.

Marking (TLP)

TLP:CLEAR

External references

mitre-attack (TA0007)

Related entities

Intrusion sets, malware, reports, vulnerabilities, indicators and other entities linked to this technique.

Intrusion sets (APT) (3)

DPRK uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
SnakeKeylogger uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
gunra uses

AlienVault Confidence 100

No description available

First seen 01/01/1970 · Last seen 16/11/5138 ·

Malware (17)

H0lyGh0st uses
SnakeKeylogger uses

Family
SafetyKatz uses

Family
Cobalt Strike - S0154 uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
DoNoT Loader uses

Family
SharpHound uses

Family
Gunra Ransomware uses

Family
Maui uses
SilverRAT uses
Erbium uses
Lumma Stealer uses

Family
Ryuk uses

← Previous

Page / 2

1–12 of 17

GUNRA RANSOMWARE: What You Don't Know! related

22 MITREs 3 Malwares 1 APT
SnakeKeylogger – A Multistage Info Stealer Malware Campaign related

17 MITREs 1 Malware 5 Observables 1 APT
EDR Bypass Testing Reveals Extortion Actor's Toolkit related

8 MITREs 6 Malwares
Leaked Environment Variables Allow Large-Scale Extortion Operation of … related

2 CVEs 6 MITREs 37 Observables

Vulnerabilities (CVE) (5)

CVE-2024-3094 targets

10.0 Critical

Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma …

Attack vector: NETWORK
Published: 29/03/2024
Modified: 21/12/2025

CVE-2021-20038 KEV targets

SonicWall SMA 100 devies are vulnerable to an unauthenticated stack-based buffer overflow vulnerability where exploitation can result in code execution.

Published: 28/01/2022
Modified: 20/12/2025

CVE-2022-24990 KEV targets

7.5 High

TerraMaster OS contains a remote command execution vulnerability that allows an unauthenticated user to execute commands on the target endpoint.

Attack vector: Network
Published: 10/02/2023
Modified: 20/12/2025

CVE-2021-44228 KEV targets

10.0 Critical

Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.

Attack vector: Network
Published: 10/12/2021
Modified: 27/05/2026

CVE-2024-6387 targets

8.1 High

A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by …

Published: 01/07/2024
Modified: 01/07/2024

Awaiting Analysis

Contact About Legal notice Privacy policy Terms of use