Sınıf: Exploit
Exploits, açık veya kötü niyetli amaçlarla yerel veya uzak bilgisayarda çalışan yazılımlardaki bir veya daha fazla güvenlik açığından yararlanan veri veya yürütülebilir kod içeren programlardır. Çoğu zaman, kötü niyetli kullanıcılar, daha sonra kötü amaçlı kod yüklemek için (örneğin, tüm ziyaretçileri kötü niyetli bir programla tehlikeye girmiş bir web sitesine bulaştıracak şekilde) bir kurbanın bilgisayarına girmek için bir istismar kullanırlar. Ayrıca, kullanıcılardan herhangi bir işlem yapılmaksızın bir kurbanın bilgisayarını kesmek için, Net-Worms tarafından istismarlar yaygın olarak kullanılmaktadır. Nuker programları istismarlar arasında dikkate değerdir; Bu tür programlar, yerel veya uzak bilgisayarlara özel hazırlanmış istekleri göndererek sistemin çökmesine neden olur.Platform: Win32
Win32, 32-bit uygulamaların yürütülmesini destekleyen Windows NT tabanlı işletim sistemlerinde (Windows XP, Windows 7, vb.) Bir API'dir. Dünyanın en yaygın programlama platformlarından biri.Aile: Exploit.Win32.CVE-2016-7255
No family descriptionExamples
3674F077BA037397FDF75080873415FETactics and Techniques: Mitre*
TA0005
Defense Evasion
The adversary is trying to avoid being detected. Defense Evasion consists of techniques that adversaries use to avoid detection throughout their compromise. Techniques used for defense evasion include uninstalling/disabling security software or obfuscating/encrypting data and scripts. Adversaries also leverage and abuse trusted processes to hide and masquerade their malware. Other tactics' techniques are cross-listed here when those techniques include the added benefit of subverting defenses.
T1036.007
Double File Extension
Adversaries may abuse a double extension in the filename as a means of masquerading the true file type. A file name may include a secondary file type extension that may cause only the first extension to be displayed (ex:
File.txt.exe may render in some views as just File.txt). However, the second extension is the true file type that determines how the file is opened and executed. The real file extension may be hidden by the operating system in the file browser (ex: explorer.exe), as well as in any software configured using or similar to the system’s policies. T1112
Modify Registry
Adversaries may interact with the Windows Registry as part of a variety of other techniques to aid in defense evasion, persistence, and execution.
TA0009
Collection
The adversary is trying to gather data of interest to their goal. Collection consists of techniques adversaries may use to gather information and the sources information is collected from that are relevant to following through on the adversary's objectives. Frequently, the next goal after collecting data is to steal (exfiltrate) the data. Common target sources include various drive types, browsers, audio, video, and email. Common collection methods include capturing screenshots and keyboard input.
T1185
Browser Session Hijacking
Adversaries may take advantage of security vulnerabilities and inherent functionality in browser software to change content, modify user-behaviors, and intercept information as part of various browser session hijacking techniques.
* © 2026 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.