Třída: Exploit
Výhody jsou programy, které obsahují data nebo spustitelný kód, které využívají jednu nebo více zranitelných míst v softwaru běžícím na místním nebo vzdáleném počítači pro zjevně škodlivé účely.Uživatelé se zlými úmysly často používají zneužívání k proniknutí do počítače poškozeného, aby následně nainstalovali škodlivý kód (například infikovat všechny návštěvníky ohrožených webových stránek se škodlivým programem). Kromě toho jsou zneužívány běžně používané sítí Net-Worms, aby hackovali poškozený počítač, aniž by od uživatele vyžadovaly nějakou akci.
Nuker programy jsou pozoruhodné mezi exploity; tyto programy posílají speciálně vytvořené požadavky na lokální nebo vzdálené počítače, což způsobuje selhání systému.
Platfoma: Win64
Win64 je platforma v operačních systémech Windows pro provádění 32- / 64bitových aplikací. Programy Win64 nelze spustit v 32bitových verzích systému Windows.Family: Exploit.Win64.CVE-2024-26229
No family descriptionExamples
CD29E85506DA3AF7F27C1A392746AEA2Tactics and Techniques: Mitre*
TA0005
Defense Evasion
The adversary is trying to avoid being detected. Defense Evasion consists of techniques that adversaries use to avoid detection throughout their compromise. Techniques used for defense evasion include uninstalling/disabling security software or obfuscating/encrypting data and scripts. Adversaries also leverage and abuse trusted processes to hide and masquerade their malware. Other tactics' techniques are cross-listed here when those techniques include the added benefit of subverting defenses.
T1497.001
System Checks
Adversaries may employ various system checks to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox. If the adversary detects a VME, they may alter their malware to disengage from the victim or conceal the core functions of the implant. They may also search for VME artifacts before dropping secondary or additional payloads. Adversaries may use the information learned from Virtualization/Sandbox Evasion during automated discovery to shape follow-on behaviors.
TA0007
Discovery
The adversary is trying to figure out your environment. Discovery consists of techniques an adversary may use to gain knowledge about the system and internal network. These techniques help adversaries observe the environment and orient themselves before deciding how to act. They also allow adversaries to explore what they can control and what's around their entry point in order to discover how it could benefit their current objective. Native operating system tools are often used toward this post-compromise information-gathering objective.
T1497.001
System Checks
Adversaries may employ various system checks to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox. If the adversary detects a VME, they may alter their malware to disengage from the victim or conceal the core functions of the implant. They may also search for VME artifacts before dropping secondary or additional payloads. Adversaries may use the information learned from Virtualization/Sandbox Evasion during automated discovery to shape follow-on behaviors.
T1518
Software Discovery
Adversaries may attempt to get a listing of software and software versions that are installed on a system or in a cloud environment. Adversaries may use the information from Software Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
* © 2026 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.