ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 16.1 Enterprise and VERIS 1.4.0.
Change versions here.
Home
Mapping Frameworks
VERIS Home
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
VERIS
action.malware.variety.Backdoor or C2
Mappings
Mappings
ATT&CK Version
16.1
ATT&CK Domain
Enterprise
VERIS
1.4.0
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1001.001
Data Obfuscation: Junk Data
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1008
Fallback Channels
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1037
Boot or Logon Initialization Scripts
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1071
Application Layer Protocol
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1071.001
Application Layer Protocol: Web Protocols
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1071.002
Application Layer Protocol: File Transfer Protocol
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1071.003
Application Layer Protocol: Mail Protocols
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1071.004
Application Layer Protocol: DNS
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1090
Proxy
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1090.001
Proxy: Internal Proxy
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1090.002
Proxy: External Proxy
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1090.003
Proxy: Multi-hop Proxy
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1090.004
Proxy: Domain Fronting
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1095
Non-Application Layer Protocol
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1098
Account Manipulation
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1102
Web Service
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1102.001
Web Service: Dead Drop Resolver
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1102.002
Web Service: Bidirectional Communication
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1102.003
Web Service: One-Way Communication
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1104
Multi-Stage Channels
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1132
Data Encoding
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1132.001
Data Encoding: Standard Encoding
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1132.002
Data Encoding: Non-Standard Encoding
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1133
External Remote Services
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1205
Traffic Signaling
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1205.001
Traffic Signaling: Port Knocking
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1505
Server Software Component
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1505.001
Server Software Component: SQL Stored Procedures
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1505.002
Server Software Component: Transport Agent
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1505.003
Server Software Component: Web Shell
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1525
Implant Internal Image
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1543
Create or Modify System Process
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1546
Event Triggered Execution
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1547
Boot or Logon Autostart Execution
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1554
Compromise Client Software Binary
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1568
Dynamic Resolution
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1568.001
Dynamic Resolution: Fast Flux DSN
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1568.002
Dynamic Resolution: Domain Generation Algorithms
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1568.003
Dynamic Resolution: DNS Calculation
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1571
Non-Standard Port
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1572
Protocol Tunneling
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1573
Encrypted Channels
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1573.001
Encrypted Channels: Symmetric Cryptography
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1573.002
Encrypted Channels: Asymmetric Cryptography
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1583.001
Acquire Infrastructure: Domains
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1583.002
Acquire Infrastructure: DNS Server
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1583.006
Acquire Infrastructure: Web Services
action.malware.variety.Backdoor or C2
Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.
related-to
T1584.002
Compromise Infrastructure: DNS Server
