Classe: Downloader
Programas deste tipo baixam sigilosamente uma variedade de conteúdo dos recursos da rede. Eles não são programas maliciosos, mas usuários mal-intencionados podem usá-los para baixar conteúdo malicioso em um computador vítima. Se um usuário instalou um programa desse tipo em seu computador ou se foi instalado por um administrador do sistema, ele não representa qualquer ameaça.Plataforma: Win32
O Win32 é uma API em sistemas operacionais baseados no Windows NT (Windows XP, Windows 7, etc.) que oferece suporte à execução de aplicativos de 32 bits. Uma das plataformas de programação mais difundidas do mundo.Família: Downloader.Win32.Agent
No family descriptionExamples
03B9C9DC8441073EA162F2E9FE2F77D0Tactics and Techniques: Mitre*
TA0002
Execution
The adversary is trying to run malicious code. Execution consists of techniques that result in adversary-controlled code running on a local or remote system. Techniques that run malicious code are often paired with techniques from all other tactics to achieve broader goals, like exploring a network or stealing data. For example, an adversary might use a remote access tool to run a PowerShell script that does Remote System Discovery.
T1204.002
Malicious File
An adversary may rely upon a user opening a malicious file in order to gain execution. Users may be subjected to social engineering to get them to open a file that will lead to code execution. This user action will typically be observed as follow-on behavior from Spearphishing Attachment. Adversaries may use several types of files that require a user to execute them, including .doc, .pdf, .xls, .rtf, .scr, .exe, .lnk, .pif, .cpl, and .reg.
* © 2026 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.