You're currently viewing ATT&CK Version 12.1 Enterprise and VERIS 1.3.7.
Password dumper (extract credential hashes)
VERIS
action.malware.variety.Password dumper
Mappings
ATT&CK Version: 12.1
ATT&CK Domain: Enterprise
VERIS: 1.3.7
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name |
| --- | --- | --- | --- | --- |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1212 | Exploitation for Credential Access |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1550.002 | Use Alternate Authentication Material: Pass the Hash |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1056.004 | Input Capture: Credential API Hooking |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1003.002 | OS Credential Dumping: Security Account Manager |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1003.003 | OS Credential Dumping: NTDS |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1003.006 | OS Credential Dumping: DCSync |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1003.008 | OS Credential Dumping: /etc/passwd and /etc/shadow |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1003.007 | OS Credential Dumping: Proc Filesystem |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1003 | OS Credential Dumping |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1003.001 | OS Credential Dumping: LSASS Memory |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1003.004 | OS Credential Dumping: LSA Secrets |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1003.005 | OS Credential Dumping: Cached Domain Credentials |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1552.001 | Unsecured Credentials: Credentials in Files |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1552.002 | Unsecured Credentials: Credentials in Registry |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1552.003 | Unsecured Credentials: Bash History |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1552.004 | Unsecured Credentials: Private Keys |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1552.005 | Unsecured Credentials: Cloud Instance Metadata API |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1552.006 | Unsecured Credentials: Group Policy Preferences |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1555 | Credentials from Password Stores |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1555.001 | Credentials from Password Stores: Keychain |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1555.002 | Credentials from Password Stores: Securityd Memory |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1555.003 | Credentials from Password Stores: Credentials from Web Browser |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1555.004 | Credentials from Password Stores: Windows Credential Manager |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1555.005 | Credentials from Password Stores: Password Managers |