Classe: Hoax
Un canular est un faux avertissement sur un virus ou un autre élément de code malveillant. Habituellement, un canular prend la forme d'un message électronique avertissant le lecteur d'un nouveau virus dangereux et suggérant que le lecteur transmette le message. Les canulars ne causent aucun dommage en eux-mêmes, mais leur distribution par des utilisateurs bien intentionnés provoque souvent de la peur et de l'incertitude. La plupart des fournisseurs d'antivirus incluent des informations de canular sur leurs sites Web et il est toujours conseillé de vérifier avant de transférer les messages d'avertissement.Plus d'informations
Plateforme: Win32
Win32 est une API sur les systèmes d'exploitation Windows NT (Windows XP, Windows 7, etc.) qui prend en charge l'exécution des applications 32 bits. L'une des plateformes de programmation les plus répandues au monde.Famille: Hoax.Win32.PCRepair
No family descriptionExamples
CB9EC9D66B5C778417DBDD111C92686DDC2D83B3680B4C059174B963FBEF2FA2
A17334DF38DB3771CE82A56B57167CF5
B521B4F8BD71D608CDF77E86D7EF735E
08712739EBEA7CD8E6CFF69B38824777
Tactics and Techniques: Mitre*
TA0011
Command and Control
The adversary is trying to communicate with compromised systems to control them.
Command and Control consists of techniques that adversaries may use to communicate with systems under their control within a victim network. Adversaries commonly attempt to mimic normal, expected traffic to avoid detection. There are many ways an adversary can establish command and control with various levels of stealth depending on the victim’s network structure and defenses.
Command and Control consists of techniques that adversaries may use to communicate with systems under their control within a victim network. Adversaries commonly attempt to mimic normal, expected traffic to avoid detection. There are many ways an adversary can establish command and control with various levels of stealth depending on the victim’s network structure and defenses.
T1071.001
Application Layer Protocol: Web Protocols
Adversaries may communicate using application layer protocols associated with web traffic to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Protocols such as HTTP/S(Citation: CrowdStrike Putter Panda) and WebSocket(Citation: Brazking-Websockets) that carry web traffic may be very common in environments. HTTP/S packets have many fields and headers in which data can be concealed. An adversary may abuse these protocols to communicate with systems under their control within a victim network while also mimicking normal, expected traffic.
Protocols such as HTTP/S(Citation: CrowdStrike Putter Panda) and WebSocket(Citation: Brazking-Websockets) that carry web traffic may be very common in environments. HTTP/S packets have many fields and headers in which data can be concealed. An adversary may abuse these protocols to communicate with systems under their control within a victim network while also mimicking normal, expected traffic.
* © 2026 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.