VERIS action.malware.variety.Disable controls Mappings

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1006 Direct Volume Access
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1027 Obfuscated Files or Information
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1563 Remote Service Session Hijacking
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1111 Multi-Factor Authentication Interception
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1095 Non-Application Layer Protocol
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1499 Endpoint Denial of Service
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1059.011 Lua
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1036 Masquerading
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1505.004 IIS Components
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562.007 Disable or Modify Cloud Firewall
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1195.002 Compromise Software Supply Chain
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1568 Dynamic Resolution
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1074.001 Local Data Staging
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1622 Debugger Evasion
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1212 Exploitation for Credential Access
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1222 File and Directory Permissions Modification
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1222.001 Windows File and Directory Permissions Modification
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1222.002 Linux and Mac File and Directory Permissions Modification
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1490 Inhibit System Recovery
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1497 Virtualization/Sandbox Evasion
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1497.001 System Checks
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1497.002 User Activity Based Checks
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1497.003 Time Based Evasion
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1553 Subvert Trust Controls
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1553.001 Gatekeeper Bypass
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1553.002 Code Signing
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1553.003 SIP and Trust Provider Hijacking
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1553.004 Install Root Certificate
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1553.005 Mark-of-the-Web Bypass
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1553.006 Code Signing Policy Modification
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562 Impair Defenses
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562.001 Disable or Modify Tools
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562.002 Disable Windows Event Logging
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562.003 Impair Command History Logging
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562.004 Disable or Modify System Firewall
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562.006 Indicator Blocking
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562.007 Disable or Modify Cloud Firewall
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562.008 Disable or Modify Cloud Logs
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562.011 Spoof Security Alerting
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562.012 Disable or Modify Linux Audit System
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1574.012 COR_PROFILER
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1600 Weaken Encryption
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1600.001 Reduce Key Space
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1600.002 Disable Crypto Hardware
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1601 Modify System Image
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1601.001 Patch System Image
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1601.002 Downgrade System Image