TA0011: TA0011

Search IOCs, vulnerabilities, APT…

216.73.216.36

← Back to attack patterns

View on MITRE ATT&CK AlienVault · Published 20/12/2025 19:32 · Modified 27/05/2026 15:52

Essential information

MITRE technique ID: TA0011
Confidence: 100/100
Revoked: No
Published: 20/12/2025 19:32
Modified: 27/05/2026 15:52
Author / Source: AlienVault

Description

No description.

Marking (TLP)

TLP:GREEN

External references

mitre-attack (TA0011)

Related entities

Intrusion sets, malware, reports, vulnerabilities, indicators and other entities linked to this technique.

Intrusion sets (APT) (14)

SnakeKeylogger uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
APT-C-26 (Lazarus) uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·

← Previous

Page / 2

13–14 of 14

QuackBot uses

Family
crywiper uses
PureCrypter uses

Family
X_Trader uses
Moobot uses

← Previous

Page / 5

49–53 of 53

Threat landscape — insurance related

Confidence 100 199 MITREs 11 APTs
GUNRA RANSOMWARE: What You Don't Know! related

22 MITREs 3 Malwares 1 APT
Infrastructure of Interest: Medium Confidence Command And Control related

1 MITRE 200 Observables
Infrastructure of Interest: High Confidence Command And Control related

1 MITRE 200 Observables
Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed related

3 MITREs 1 Malware 40 Observables
Evolution of Zanubis, a banking Trojan for Android related

1 MITRE 1 Malware 8 Observables 1 APT
SnakeKeylogger – A Multistage Info Stealer Malware Campaign related

17 MITREs 1 Malware 5 Observables 1 APT
DigiEver Fix That IoT Thing! related

3 MITREs 1 Malware 32 Observables
Effective Phishing Campaign Targeting European Companies and Institutions related

5 MITREs 50 Observables
EDR Bypass Testing Reveals Extortion Actor's Toolkit related

8 MITREs 6 Malwares
AdsExhaust, a Newly Discovered Adware MasqueradingOculus… related

3 MITREs 17 Observables
Malicious Python Script with a "Best Before" Date … related

1 MITRE 1 Malware 1 Observable

← Previous

Page / 2

1–12 of 13

Vulnerabilities (CVE) (10)

CVE-2015-2051 KEV targets

8.8 High

D-Link DIR-645 Wired/Wireless Router allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.

Attack vector: Adjacent
Complexity: LOW
Published: 23/02/2015
Modified: 22/04/2026

CWE-77

CVE-2018-6530

targets

CVE-2017-11882 KEV targets

7.8 High

Microsoft Office contains a memory corruption vulnerability that allows remote code execution in the context of the current user.

Attack vector: Local
Complexity: Low
Published: 15/11/2017
Modified: 29/05/2026

CWE-119

CVE-2022-28958

targets

CVE-2022-26258

targets

CVE-2017-0199 KEV targets

7.8 High

Microsoft Office and WordPad contain an unspecified vulnerability due to the way the applications parse specially crafted files. Successful exploitation allows for …

Attack vector: LOCAL
Complexity: LOW
Published: 12/04/2017
Modified: 22/04/2026

CVE-2020-8515 KEV targets

DrayTek Vigor3900, Vigor2960, and Vigor300B routers contain an unspecified vulnerability that allows for remote code execution.

Published: 03/11/2021
Modified: 20/12/2025

CVE-2013-5948 targets

Published: 20/12/2025
Modified: 21/12/2025

CVE-2021-22205 KEV targets

GitHub Community and Enterprise Editions that utilize the ability to upload images through GitLab Workhorse are vulnerable to remote code execution. Workhorse …

Published: 03/11/2021
Modified: 20/12/2025

CVE-2021-40444 KEV targets

Microsoft MSHTML contains a unspecified vulnerability that allows for remote code execution.

Published: 03/11/2021
Modified: 27/05/2026

Contact About Legal notice Privacy policy Terms of use

TA0011: TA0011

Essential information

Description

Marking (TLP)

External references

Related entities

Intrusion sets (APT) (14)

Malware (53)

Reports (13)

Vulnerabilities (CVE) (10)