Class: Downloader
Programs of this type stealthily download a variety of content from network resources. They are not malicious programs, but malicious users can use them to download malicious content onto a victim computer. If a user has installed such a program on his/her computer, or if it was installed by a system administrator, then it does not pose any threat.Read more
Platform: Win32
Win32 is an API on Windows NT-based operating systems (Windows XP, Windows 7, etc.) that supports execution of 32-bit applications. One of the most widespread programming platforms in the world.Family: DownloadSponsor
No family descriptionExamples
F6B992F4C2916DC0C45B13C3BCC272C9AF13FEE5D72EC0BD4BFA4B9A97F9B640
5A02A250B117C2976081FDFEC8CC3346
2AAAF6243DD2387A7E41F2F39ED5F46C
97F8942DE3F416212E3A0C0C6B9DB21E
Tactics and Techniques: Mitre*
TA0011
Command and Control
Adversaries may communicate using a protocol and port pairing that are typically not associated. For example, HTTPS over port 8088 or port 587 as opposed to the traditional port 443. Adversaries may make changes to the standard port used by a protocol to bypass filtering or muddle analysis/parsing of network data.
T1571
Non-Standard Port
Adversaries may communicate using a protocol and port pairing that are typically not associated. For example, HTTPS over port 8088 or port 587 as opposed to the traditional port 443. Adversaries may make changes to the standard port used by a protocol to bypass filtering or muddle analysis/parsing of network data.
* © 2025 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.