ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CSA Cloud Controls Matrix (CCM)
CRI Profile
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 12.1 Enterprise and VERIS 1.3.7.
Change versions here.
Home
Mapping Frameworks
VERIS Home
(malware never stored to persistent storage)
VERIS
action.malware.variety.In-memory
Mappings
ATT&CK Version
12.1
ATT&CK Domain
Enterprise
VERIS
1.3.7
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1003.007
OS Credential Dumping: Proc Filesystem
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1055
Process Injection
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1055.001
Process Injection: Dynamic-link Library Injection
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1055.002
Process Injection: Portable Executable Injection
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1055.003
Process Injection: Thread Execution Hijacking
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1055.004
Process Injection: Asynchronous Procedure Call
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1055.005
Process Injection: Thread Local Storage
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1055.008
Process Injection: Ptrace System Calls
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1055.009
Process Injection: Proc Memory
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1055.011
Process Injection: Extra Window Memory Injection
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1055.012
Process Injection: Process Hollowing
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1055.013
Process Injection: Process Doppelganging
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1055.014
Process Injection: VDSO Hijacking
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1115
Clipboard Data
