ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CSA Cloud Controls Matrix (CCM)
CRI Profile
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 12.1 Enterprise and VERIS 1.3.7.
Change versions here.
Home
Mapping Frameworks
VERIS Home
Rootkit (maintain local privileges and stealth)
VERIS
action.malware.variety.Rootkit
Mappings
ATT&CK Version
12.1
ATT&CK Domain
Enterprise
VERIS
1.3.7
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.Rootkit
Rootkit (maintain local privileges and stealth)
related-to
T1543
Create or Modify System Process
action.malware.variety.Rootkit
Rootkit (maintain local privileges and stealth)
related-to
T1014
Rootkit
action.malware.variety.Rootkit
Rootkit (maintain local privileges and stealth)
related-to
T1036.003
Masquerading: Rename System Utilities
action.malware.variety.Rootkit
Rootkit (maintain local privileges and stealth)
related-to
T1542
Pre-OS Boot
action.malware.variety.Rootkit
Rootkit (maintain local privileges and stealth)
related-to
T1542.001
Pre-OS Boot: System Firmware
action.malware.variety.Rootkit
Rootkit (maintain local privileges and stealth)
related-to
T1542.002
Pre-OS Boot: Component Firmware
action.malware.variety.Rootkit
Rootkit (maintain local privileges and stealth)
related-to
T1542.003
Pre-OS Boot: Bootkit
action.malware.variety.Rootkit
Rootkit (maintain local privileges and stealth)
related-to
T1542.004
Pre-OS Boot: ROMMONkit
action.malware.variety.Rootkit
Rootkit (maintain local privileges and stealth)
related-to
T1542.005
Pre-OS Boot: TFTP Boot
