Searching
..

Click anywhere to stop

Exploit.RTF.CVE-2017-11882.gen

Class Exploit
Platform RTF
Family CVE-2017-11882
Full name HEUR:Exploit.RTF.CVE-2017-11882.gen
Examples E8E5840D63CB38709C4F2C47F42877F5
23CBCFF8FD0FB8173FC8C6EAE92D2B28
657D1F0E73D34EAB59CC505DC338DBB5
27701FE73B1DA4E684C80519527605C6
ED1D6DAD29116B4A433C5A897A13BEB7
Updated at 2023-11-20 14:22:33
Tactics &
techniques MITRE*

TA0009 Collection

The adversary is trying to gather data of interest to their goal.


Collection consists of techniques adversaries may use to gather information and the sources information is collected from that are relevant to following through on the adversary’s objectives. Frequently, the next goal after collecting data is to steal (exfiltrate) the data. Common target sources include various drive types, browsers, audio, video, and email. Common collection methods include capturing screenshots and keyboard input.


T1113 Screen Capture

Adversaries may attempt to take screen captures of the desktop to gather information over the course of an operation. Screen capturing functionality may be included as a feature of a remote access tool used in post-compromise operations. Taking a screenshot is also typically possible through native utilities or API calls, such as CopyFromScreen, xwd, or screencapture.(Citation: CopyFromScreen .NET)(Citation: Antiquated Mac Malware)
* © 2024 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.
Find out the statistics of the threats spreading in your region