ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CSA Cloud Controls Matrix (CCM)
CRI Profile
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 16.1 Enterprise and VERIS 1.4.0.
Change versions here.
Home
Mapping Frameworks
VERIS Home
Capture data stored on system disk
VERIS
action.malware.variety.Capture stored data
Mappings
ATT&CK Version
16.1
ATT&CK Domain
Enterprise
VERIS
1.4.0
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1016.002
Wi-Fi Discovery
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1114
Email Collection
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1587
Develop Capabilities
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1558.003
Kerberoasting
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1565.002
Transmitted Data Manipulation
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1005
Data from Local System
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1010
Application Window Discovery
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1025
Data from Removable Media
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1033
System Owner/User Discovery
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1039
Data from Network Shared Drive
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1083
File and Directory Discovery
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1119
Automated Collection
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1213
Data from Information Repositories
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1213.001
Confluence
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1213.002
Sharepoint
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1530
Data from Cloud Storage
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1602
Data from Configuration Repository
