Click anywhere to stop


Class Exploit
Platform RTF
Family CVE-2017-11882
Full name HEUR:Exploit.RTF.CVE-2017-11882.gen
Examples E8E5840D63CB38709C4F2C47F42877F5
Updated at 2023-11-20 14:22:33
Tactics &
techniques MITRE*

TA0009 Collection

The adversary is trying to gather data of interest to their goal.

Collection consists of techniques adversaries may use to gather information and the sources information is collected from that are relevant to following through on the adversary’s objectives. Frequently, the next goal after collecting data is to steal (exfiltrate) the data. Common target sources include various drive types, browsers, audio, video, and email. Common collection methods include capturing screenshots and keyboard input.

T1113 Screen Capture

Adversaries may attempt to take screen captures of the desktop to gather information over the course of an operation. Screen capturing functionality may be included as a feature of a remote access tool used in post-compromise operations. Taking a screenshot is also typically possible through native utilities or API calls, such as CopyFromScreen, xwd, or screencapture.(Citation: CopyFromScreen .NET)(Citation: Antiquated Mac Malware)
* © 2024 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.
Find out the statistics of the threats spreading in your region