Classe: Hoax
Um boato é um aviso falso sobre um vírus ou outro código malicioso. Normalmente, uma fraude toma a forma de uma mensagem de email avisando o leitor de um novo vírus perigoso e sugerindo que o leitor passe a mensagem. Os hoaxes não causam danos em si mesmos, mas sua distribuição por usuários bem-intencionados muitas vezes causa medo e incerteza. A maioria dos fornecedores de antivírus inclui informações fraudulentas em seus sites e é sempre aconselhável verificar antes de encaminhar mensagens de aviso.Plataforma: Win32
O Win32 é uma API em sistemas operacionais baseados no Windows NT (Windows XP, Windows 7, etc.) que oferece suporte à execução de aplicativos de 32 bits. Uma das plataformas de programação mais difundidas do mundo.Família: Hoax.Win32.PCRepair
No family descriptionExamples
60456026C86539193CD467B34D4FF624818F5A8459E27251C3C459E888DD7426
33D18B520E426DBAFF6CE25B3BC99372
29BB75BF65F199B6392A2A2A492E7408
E45EC9F3B3F3F7BCA7F669219FEA8E75
Tactics and Techniques: Mitre*
TA0011
Command and Control
The adversary is trying to communicate with compromised systems to control them.
Command and Control consists of techniques that adversaries may use to communicate with systems under their control within a victim network. Adversaries commonly attempt to mimic normal, expected traffic to avoid detection. There are many ways an adversary can establish command and control with various levels of stealth depending on the victim’s network structure and defenses.
Command and Control consists of techniques that adversaries may use to communicate with systems under their control within a victim network. Adversaries commonly attempt to mimic normal, expected traffic to avoid detection. There are many ways an adversary can establish command and control with various levels of stealth depending on the victim’s network structure and defenses.
T1071.001
Application Layer Protocol: Web Protocols
Adversaries may communicate using application layer protocols associated with web traffic to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Protocols such as HTTP/S(Citation: CrowdStrike Putter Panda) and WebSocket(Citation: Brazking-Websockets) that carry web traffic may be very common in environments. HTTP/S packets have many fields and headers in which data can be concealed. An adversary may abuse these protocols to communicate with systems under their control within a victim network while also mimicking normal, expected traffic.
Protocols such as HTTP/S(Citation: CrowdStrike Putter Panda) and WebSocket(Citation: Brazking-Websockets) that carry web traffic may be very common in environments. HTTP/S packets have many fields and headers in which data can be concealed. An adversary may abuse these protocols to communicate with systems under their control within a victim network while also mimicking normal, expected traffic.
* © 2026 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.