ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 16.1 Enterprise and VERIS 1.4.0.
Change versions here.
Home
Mapping Frameworks
VERIS Home
Password dumper (extract credential hashes)
VERIS
action.malware.variety.Password dumper
Mappings
Mappings
ATT&CK Version
16.1
ATT&CK Domain
Enterprise
VERIS
1.4.0
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1003
OS Credential Dumping
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1222
File and Directory Permissions Modification
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1114
Email Collection
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1587
Develop Capabilities
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1547
Boot or Logon Autostart Execution
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1598.004
Spearphishing Voice
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1558.003
Kerberoasting
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1115
Clipboard Data
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1565.002
Transmitted Data Manipulation
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1546.017
Udev Rules
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1212
Exploitation for Credential Access
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1550.002
Pass the Hash
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1552.001
Credentials In Files
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1552.002
Credentials in Registry
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1552.003
Bash History
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1552.004
Private Keys
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1552.005
Cloud Instance Metadata API
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1552.006
Group Policy Preferences
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1552.008
Chat Messages
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1555
Credentials from Password Stores
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1555.001
Keychain
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1555.002
Securityd Memory
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1555.003
Credentials from Web Browsers
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1555.004
Windows Credential Manager
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1555.005
Password Managers
action.malware.variety.Password dumper
Password dumper (extract credential hashes)
related-to
T1555.006
Cloud Secrets Management Stores