ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 16.1 Enterprise and VERIS 1.4.0.
Change versions here.
Home
Mapping Frameworks
VERIS Home
Capture data stored on system disk
VERIS
action.malware.variety.Capture stored data
Mappings
Mappings
ATT&CK Version
16.1
ATT&CK Domain
Enterprise
VERIS
1.4.0
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1016.002
Wi-Fi Discovery
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1114
Email Collection
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1587
Develop Capabilities
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1558.003
Kerberoasting
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1565.002
Transmitted Data Manipulation
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1005
Data from Local System
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1010
Application Window Discovery
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1025
Data from Removable Media
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1033
System Owner/User Discovery
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1039
Data from Network Shared Drive
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1083
File and Directory Discovery
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1119
Automated Collection
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1213
Data from Information Repositories
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1213.001
Confluence
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1213.002
Sharepoint
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1530
Data from Cloud Storage
action.malware.variety.Capture stored data
Capture data stored on system disk
related-to
T1602
Data from Configuration Repository
