VERIS action.malware.variety.Password dumper Mappings

Mappings

| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name |
| --- | --- | --- | --- | --- |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1212 | Exploitation for Credential Access |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1550.002 | Use Alternate Authentication Material: Pass the Hash |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1056.004 | Input Capture: Credential API Hooking |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1003.002 | OS Credential Dumping: Security Account Manager |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1003.003 | OS Credential Dumping: NTDS |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1003.006 | OS Credential Dumping: DCSync |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1003.008 | OS Credential Dumping: /etc/passwd and /etc/shadow |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1003.007 | OS Credential Dumping: Proc Filesystem |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1003 | OS Credential Dumping |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1003.001 | OS Credential Dumping: LSASS Memory |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1003.004 | OS Credential Dumping: LSA Secrets |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1003.005 | OS Credential Dumping: Cached Domain Credentials |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1552.001 | Unsecured Credentials: Credentials in Files |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1552.002 | Unsecured Credentials: Credentials in Registry |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1552.003 | Unsecured Credentials: Bash History |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1552.004 | Unsecured Credentials: Private Keys |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1552.005 | Unsecured Credentials: Cloud Instance Metadata API |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1552.006 | Unsecured Credentials: Group Policy Preferences |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1555 | Credentials from Password Stores |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1555.001 | Credentials from Password Stores: Keychain |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1555.002 | Credentials from Password Stores: Securityd Memory |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1555.003 | Credentials from Password Stores: Credentials from Web Browser |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1555.004 | Credentials from Password Stores: Windows Credential Manager |
| action.malware.variety.Password dumper | Password dumper (extract credential hashes) | related-to | T1555.005 | Credentials from Password Stores: Password Managers |