ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CSA Cloud Controls Matrix (CCM)
CRI Profile
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 12.1 Enterprise and VERIS 1.3.7.
Change versions here.
Home
Mapping Frameworks
VERIS Home
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
VERIS
action.malware.variety.Backdoor or C2
Mappings
ATT&CK Version
12.1
ATT&CK Domain
Enterprise
VERIS
1.3.7
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1505.001
Server Software Component: SQL Stored Procedures
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1505.002
Server Software Component: Transport Agent
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1543
Create or Modify System Process
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1547
Boot or Logon Autostart Execution
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1098
Account Manipulation
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1037
Boot or Logon Initialization Scripts
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1554
Compromise Client Software Binary
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1546
Event Triggered Execution
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1133
External Remote Services
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1525
Implant Internal Image
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1001.001
Data Obfuscation: Junk Data
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1071
Application Layer Protocol
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1132
Data Encoding
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1132.001
Data Encoding: Standard Encoding
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1132.002
Data Encoding: Non-Standard Encoding
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1568
Dynamic Resolution
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1568.001
Dynamic Resolution: Fast Flux DSN
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1568.002
Dynamic Resolution: Domain Generation Algorithms
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1568.003
Dynamic Resolution: DNS Calculation
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1573
Encrypted Channels
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1573.002
Encrypted Channels: Asymmetric Cryptography
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1573.001
Encrypted Channels: Symmetric Cryptography
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1008
Fallback Channels
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1104
Multi-Stage Channels
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1572
Protocol Tunneling
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1090
Proxy
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1205
Traffic Signaling
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1205.001
Traffic Signaling: Port Knocking
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1102
Web Service
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1583.006
Acquire Infrastructure: Web Services
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1583.001
Acquire Infrastructure: Domains
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1583.002
Acquire Infrastructure: DNS Server
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1584.002
Compromise Infrastructure: DNS Server
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1095
Non-Application Layer Protocol
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1571
Non-Standard Port
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1505
Server Software Component
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1505.003
Server Software Component: Web Shell
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1071.001
Application Layer Protocol: Web Protocols
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1071.002
Application Layer Protocol: File Transfer Protocol
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1071.003
Application Layer Protocol: Mail Protocols
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1071.004
Application Layer Protocol: DNS
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1090.001
Proxy: Internal Proxy
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1090.002
Proxy: External Proxy
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1090.003
Proxy: Multi-hop Proxy
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1090.004
Proxy: Domain Fronting
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1102.001
Web Service: Dead Drop Resolver
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1102.002
Web Service: Bidirectional Communication
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1102.003
Web Service: One-Way Communication
