ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CVE
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 16.1 Enterprise and VERIS 1.4.0.
Change versions here.
Home
Mapping Frameworks
VERIS Home
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
VERIS
action.malware.variety.C2
Mappings
Mappings
ATT&CK Version
16.1
ATT&CK Domain
Enterprise
VERIS
1.4.0
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1001.001
Data Obfuscation: Junk Data
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1008
Fallback Channels
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1071
Application Layer Protocol
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1071.001
Application Layer Protocol: Web Protocols
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1071.002
Application Layer Protocol: File Transfer Protocol
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1071.003
Application Layer Protocol: Mail Protocols
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1071.004
Application Layer Protocol: DNS
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1071.005
Publish/Subscribe Protocols
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1090
Proxy
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1090.001
Proxy: Internal Proxy
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1090.002
Proxy: External Proxy
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1090.003
Proxy: Multi-hop Proxy
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1090.004
Proxy: Domain Fronting
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1095
Non-Application Layer Protocol
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1102
Web Service
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1102.001
Web Service: Dead Drop Resolver
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1102.002
Web Service: Bidirectional Communication
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1102.003
Web Service: One-Way Communication
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1104
Multi-Stage Channels
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1132
Data Encoding
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1132.001
Data Encoding: Standard Encoding
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1132.002
Data Encoding: Non-Standard Encoding
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1205
Traffic Signaling
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1205.001
Traffic Signaling: Port Knocking
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1568
Dynamic Resolution
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1568.001
Dynamic Resolution: Fast Flux DSN
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1568.002
Dynamic Resolution: Domain Generation Algorithms
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1568.003
Dynamic Resolution: DNS Calculation
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1571
Non-Standard Port
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1572
Protocol Tunneling
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1573
Encrypted Channels
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1573.001
Encrypted Channels: Symmetric Cryptography
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1573.002
Encrypted Channels: Asymmetric Cryptography
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1583.001
Acquire Infrastructure: Domains
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1583.002
Acquire Infrastructure: DNS Server
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1583.006
Acquire Infrastructure: Web Services
action.malware.variety.C2
Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.
related-to
T1584.002
Compromise Infrastructure: DNS Server
