ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CVE
Google Cloud Platform (GCP)
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 12.1 Enterprise and VERIS 1.3.7.
Change versions here.
Home
Mapping Frameworks
VERIS Home
Modification of the action (rather than the system, as in 'Disable controls') to avoid detection.
VERIS
action.malware.variety.Evade Defenses
Mappings
Mappings
ATT&CK Version
12.1
ATT&CK Domain
Enterprise
VERIS
1.3.7
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.Evade Defenses
Modification of the action (rather than the system, as in 'Disable controls') to avoid detection.
related-to
T1564
Hide Artifacts
action.malware.variety.Evade Defenses
Modification of the action (rather than the system, as in 'Disable controls') to avoid detection.
related-to
T1564.001
Hide Artifacts: Hidden Files and Directories
action.malware.variety.Evade Defenses
Modification of the action (rather than the system, as in 'Disable controls') to avoid detection.
related-to
T1564.002
Hide Artifacts: Hidden Users
action.malware.variety.Evade Defenses
Modification of the action (rather than the system, as in 'Disable controls') to avoid detection.
related-to
T1564.003
Hide Artifacts: Hidden Window
action.malware.variety.Evade Defenses
Modification of the action (rather than the system, as in 'Disable controls') to avoid detection.
related-to
T1564.004
Hide Artifacts: NTFS File Attributes
action.malware.variety.Evade Defenses
Modification of the action (rather than the system, as in 'Disable controls') to avoid detection.
related-to
T1564.005
Hide Artifacts: Hidden File System
action.malware.variety.Evade Defenses
Modification of the action (rather than the system, as in 'Disable controls') to avoid detection.
related-to
T1564.006
Hide Artifacts: Run Virtual Instance
action.malware.variety.Evade Defenses
Modification of the action (rather than the system, as in 'Disable controls') to avoid detection.
related-to
T1564.007
Hide Artifacts: VBA Stomping
action.malware.variety.Evade Defenses
Modification of the action (rather than the system, as in 'Disable controls') to avoid detection.
related-to
T1562
Impair Defenses
action.malware.variety.Evade Defenses
Modification of the action (rather than the system, as in 'Disable controls') to avoid detection.
related-to
T1622
Debugger Evasion
action.malware.variety.Evade Defenses
Modification of the action (rather than the system, as in 'Disable controls') to avoid detection.
related-to
T1211
Exploitation for Defense Evasion
action.malware.variety.Evade Defenses
Modification of the action (rather than the system, as in 'Disable controls') to avoid detection.
related-to
T1036
Masquerading
action.malware.variety.Evade Defenses
Modification of the action (rather than the system, as in 'Disable controls') to avoid detection.
related-to
T1014
Rootkit
action.malware.variety.Evade Defenses
Modification of the action (rather than the system, as in 'Disable controls') to avoid detection.
related-to
T1553
Subvert Trust Controls