Solutions for:
Home Products
Small Business
Medium Business
Enterprise
Vulnerabilities Threats
Home Threats Trojan Win64

Trojan.Win64.Injects.cmy

Update Date
11/29/2023

Class: Trojan

A malicious program designed to electronically spy on the user’s activities (intercept keyboard input, take screenshots, capture a list of active applications, etc.). The collected information is sent to the cybercriminal by various means, including email, FTP, and HTTP (by sending data in a request).

Read more

Platform: Win64

Win64 is a platform on Windows-based operating systems for execution of 32-/64-bit applications. Win64 programs cannot be launched on 32-bit versions of Windows.

Family: Injects

No family description

Examples

76C4D3743F2DD960F0C3F25CE10C38BB
6D0F30C76016FB4585D79DA78FE40BF1
76D1CD1841C3F161DC03538FDD86A730
98B87FC4B0EB32E83512993CC5474DD7
82749F7FE36873BF6831201D166CF25F

Tactics and Techniques: Mitre*

TA0002
Execution

Adversaries may exploit software vulnerabilities in client applications to execute code. Vulnerabilities can exist in software due to unsecure coding practices that can lead to unanticipated behavior. Adversaries can take advantage of certain vulnerabilities through targeted exploitation for the purpose of arbitrary code execution. Oftentimes the most valuable exploits to an offensive toolkit are those that can be used to obtain code execution on a remote system because they can be used to gain access to that system. Users will expect to see files related to the applications they commonly used to do work, so they are a useful target for exploit research and development because of their high utility.


T1203
Exploitation for Client Execution

Adversaries may exploit software vulnerabilities in client applications to execute code. Vulnerabilities can exist in software due to unsecure coding practices that can lead to unanticipated behavior. Adversaries can take advantage of certain vulnerabilities through targeted exploitation for the purpose of arbitrary code execution. Oftentimes the most valuable exploits to an offensive toolkit are those that can be used to obtain code execution on a remote system because they can be used to gain access to that system. Users will expect to see files related to the applications they commonly used to do work, so they are a useful target for exploit research and development because of their high utility.


* © 2025 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.

Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Related articles
03 December 2025
Securelist
Shai Hulud 2.0, now with a wiper flavor
03 December 2025
Securelist
Exploits and vulnerabilities in Q3 2025
02 December 2025
Securelist
Kaspersky Security Bulletin 2025. Statistics
28 November 2025
Securelist
Tomiris wreaks Havoc: New tools and techniques of the APT group
26 November 2025
Securelist
Old tech, new vulnerabilities: NTLM abuse, ongoing exploitation in 2025
24 November 2025
Securelist
To buy or not to buy: How cybercriminals capitalize on Black Friday
Found an inaccuracy in the description of this vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Found a new Threat or Vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Solutions for
Home Products
Small Business
Medium Business
Enterprise
Select language
Sorting
Threat
Confirm changes?
Your message has been sent successfully.