ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 16.1 Enterprise and VERIS 1.4.0.
Change versions here.
Home
Mapping Frameworks
VERIS Home
(malware never stored to persistent storage)
VERIS
action.malware.variety.In-memory
Mappings
Mappings
ATT&CK Version
16.1
ATT&CK Domain
Enterprise
VERIS
1.4.0
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1115
Clipboard Data
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1055
Process Injection
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1053.002
At
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1612
Build Image on Host
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1560.002
Archive via Library
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1036.004
Masquerade Task or Service
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1538
Cloud Service Dashboard
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1548.006
TCC Manipulation
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1059.003
Windows Command Shell
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
None
None
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1585.001
Social Media Accounts
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1125
Video Capture
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1546.001
Change Default File Association
action.malware.variety.In-memory
(malware never stored to persistent storage)
related-to
T1115
Clipboard Data