VERIS action.malware.variety.Capture app data Mappings

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
action.malware.variety.Capture app data Capture data from application or system process related-to T1056 Input Capture
action.malware.variety.Capture app data Capture data from application or system process related-to T1596.003 Digital Certificates
action.malware.variety.Capture app data Capture data from application or system process related-to T1547.006 Kernel Modules and Extensions
action.malware.variety.Capture app data Capture data from application or system process related-to T1090.002 External Proxy
action.malware.variety.Capture app data Capture data from application or system process related-to T1546.017 Udev Rules
action.malware.variety.Capture app data Capture data from application or system process related-to T1113 Screen Capture
action.malware.variety.Capture app data Capture data from application or system process related-to T1114 Email Collection
action.malware.variety.Capture app data Capture data from application or system process related-to T1110.002 Password Cracking
action.malware.variety.Capture app data Capture data from application or system process related-to T1556.006 Multi-Factor Authentication
action.malware.variety.Capture app data Capture data from application or system process related-to T1546.009 AppCert DLLs
action.malware.variety.Capture app data Capture data from application or system process related-to T1123 Audio Capture
action.malware.variety.Capture app data Capture data from application or system process related-to T1125 Video Capture
action.malware.variety.Capture app data Capture data from application or system process related-to T1176 Browser Extensions
action.malware.variety.Capture app data Capture data from application or system process related-to T1185 Browser Session Hijacking
action.malware.variety.Capture app data Capture data from application or system process related-to T1207 Rogue Domain Controller
action.malware.variety.Capture app data Capture data from application or system process related-to T1528 Steal Application Access Token
action.malware.variety.Capture app data Capture data from application or system process related-to T1539 Steal Web Session Cookie