ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CVE
Google Cloud Platform (GCP)
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 12.1 Enterprise and VERIS 1.3.7.
Change versions here.
Home
Mapping Frameworks
VERIS Home
Rootkit (maintain local privileges and stealth)
VERIS
action.malware.variety.Rootkit
Mappings
Mappings
ATT&CK Version
12.1
ATT&CK Domain
Enterprise
VERIS
1.3.7
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.Rootkit
Rootkit (maintain local privileges and stealth)
related-to
T1543
Create or Modify System Process
action.malware.variety.Rootkit
Rootkit (maintain local privileges and stealth)
related-to
T1014
Rootkit
action.malware.variety.Rootkit
Rootkit (maintain local privileges and stealth)
related-to
T1036.003
Masquerading: Rename System Utilities
action.malware.variety.Rootkit
Rootkit (maintain local privileges and stealth)
related-to
T1542
Pre-OS Boot
action.malware.variety.Rootkit
Rootkit (maintain local privileges and stealth)
related-to
T1542.001
Pre-OS Boot: System Firmware
action.malware.variety.Rootkit
Rootkit (maintain local privileges and stealth)
related-to
T1542.002
Pre-OS Boot: Component Firmware
action.malware.variety.Rootkit
Rootkit (maintain local privileges and stealth)
related-to
T1542.003
Pre-OS Boot: Bootkit
action.malware.variety.Rootkit
Rootkit (maintain local privileges and stealth)
related-to
T1542.004
Pre-OS Boot: ROMMONkit
action.malware.variety.Rootkit
Rootkit (maintain local privileges and stealth)
related-to
T1542.005
Pre-OS Boot: TFTP Boot