Sınıf: Exploit
Exploits, açık veya kötü niyetli amaçlarla yerel veya uzak bilgisayarda çalışan yazılımlardaki bir veya daha fazla güvenlik açığından yararlanan veri veya yürütülebilir kod içeren programlardır. Çoğu zaman, kötü niyetli kullanıcılar, daha sonra kötü amaçlı kod yüklemek için (örneğin, tüm ziyaretçileri kötü niyetli bir programla tehlikeye girmiş bir web sitesine bulaştıracak şekilde) bir kurbanın bilgisayarına girmek için bir istismar kullanırlar. Ayrıca, kullanıcılardan herhangi bir işlem yapılmaksızın bir kurbanın bilgisayarını kesmek için, Net-Worms tarafından istismarlar yaygın olarak kullanılmaktadır. Nuker programları istismarlar arasında dikkate değerdir; Bu tür programlar, yerel veya uzak bilgisayarlara özel hazırlanmış istekleri göndererek sistemin çökmesine neden olur.Platform: Win64
Win64, 32/64-bit uygulamaların yürütülmesi için Windows tabanlı işletim sistemlerinde bir platformdur. Win64 programları, Windows'un 32 bit sürümlerinde başlatılamaz.Aile: Exploit.Win64.Crun
No family descriptionExamples
50FA9D45F1EB9DE32DB1AEF412E3EF9FTactics and Techniques: Mitre*
TA0007
Discovery
The adversary is trying to figure out your environment. Discovery consists of techniques an adversary may use to gain knowledge about the system and internal network. These techniques help adversaries observe the environment and orient themselves before deciding how to act. They also allow adversaries to explore what they can control and what's around their entry point in order to discover how it could benefit their current objective. Native operating system tools are often used toward this post-compromise information-gathering objective.
T1120
Peripheral Device Discovery
Adversaries may attempt to gather information about attached peripheral devices and components connected to a computer system. Peripheral devices could include auxiliary resources that support a variety of functionalities such as keyboards, printers, cameras, smart card readers, or removable storage. The information may be used to enhance their awareness of the system and network environment or may be used for further actions.
TA0009
Collection
The adversary is trying to gather data of interest to their goal. Collection consists of techniques adversaries may use to gather information and the sources information is collected from that are relevant to following through on the adversary's objectives. Frequently, the next goal after collecting data is to steal (exfiltrate) the data. Common target sources include various drive types, browsers, audio, video, and email. Common collection methods include capturing screenshots and keyboard input.
T1113
Screen Capture
Adversaries may attempt to take screen captures of the desktop to gather information over the course of an operation. Screen capturing functionality may be included as a feature of a remote access tool used in post-compromise operations. Taking a screenshot is also typically possible through native utilities or API calls, such as
CopyFromScreen, xwd, or screencapture. * © 2026 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.