ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CSA Cloud Controls Matrix (CCM)
CRI Profile
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 16.1 Enterprise and VERIS 1.4.0.
Change versions here.
Home
Mapping Frameworks
VERIS Home
Password dumper (extract credential hashes)
VERIS
action.malware.variety.Password dumper
Mappings
ATT&CK Version
16.1
ATT&CK Domain
Enterprise
VERIS
1.4.0
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1003
OS Credential Dumping
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1222
File and Directory Permissions Modification
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1114
Email Collection
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1587
Develop Capabilities
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1547
Boot or Logon Autostart Execution
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1598.004
Spearphishing Voice
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1558.003
Kerberoasting
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1115
Clipboard Data
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1565.002
Transmitted Data Manipulation
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1546.017
Udev Rules
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1212
Exploitation for Credential Access
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1550.002
Pass the Hash
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1552.001
Credentials In Files
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1552.002
Credentials in Registry
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1552.003
Bash History
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1552.004
Private Keys
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1552.005
Cloud Instance Metadata API
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1552.006
Group Policy Preferences
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1552.008
Chat Messages
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1555
Credentials from Password Stores
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1555.001
Keychain
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1555.002
Securityd Memory
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1555.003
Credentials from Web Browsers
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1555.004
Windows Credential Manager
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1555.005
Password Managers
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1555.006
Cloud Secrets Management Stores
