Sınıf: RiskTool
Bu kategorideki programlar, kötü niyetli amaçlarla kullanılabilecek bir dizi işleve (sistemde dosya gizleme, windows çalışan uygulamalarını gizleme, aktif işlemleri sonlandırma vb.) Sahiptir. Kendi başlarına, kötü niyetli değiller. NetTool olarak sınıflandırılan programların aksine, RiskTool programları yerel bilgisayarda çalışacak şekilde tasarlanmıştır. Bir kullanıcı bilgisayarında böyle bir program yüklediyse veya sistem yöneticisi tarafından kurulmuşsa, herhangi bir tehdit oluşturmaz.Platform: Win32
Win32, 32-bit uygulamaların yürütülmesini destekleyen Windows NT tabanlı işletim sistemlerinde (Windows XP, Windows 7, vb.) Bir API'dir. Dünyanın en yaygın programlama platformlarından biri.Aile: RiskTool.Win32.Miner
No family descriptionExamples
47B83D62369F0C651D862E2A642FA609Tactics and Techniques: Mitre*
TA0005
Defense Evasion
The adversary is trying to avoid being detected. Defense Evasion consists of techniques that adversaries use to avoid detection throughout their compromise. Techniques used for defense evasion include uninstalling/disabling security software or obfuscating/encrypting data and scripts. Adversaries also leverage and abuse trusted processes to hide and masquerade their malware. Other tactics' techniques are cross-listed here when those techniques include the added benefit of subverting defenses.
T1622
Debugger Evasion
Adversaries may employ various means to detect and avoid debuggers. Debuggers are typically used by defenders to trace and/or analyze the execution of potential malware payloads.
TA0007
Discovery
The adversary is trying to figure out your environment. Discovery consists of techniques an adversary may use to gain knowledge about the system and internal network. These techniques help adversaries observe the environment and orient themselves before deciding how to act. They also allow adversaries to explore what they can control and what's around their entry point in order to discover how it could benefit their current objective. Native operating system tools are often used toward this post-compromise information-gathering objective.
T1622
Debugger Evasion
Adversaries may employ various means to detect and avoid debuggers. Debuggers are typically used by defenders to trace and/or analyze the execution of potential malware payloads.
* © 2026 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.