Home
Mapping Frameworks
VERIS Home
Password dumper (extract credential hashes)

VERIS action.malware.variety.Password dumper Mappings

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1003	OS Credential Dumping
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1003.001	OS Credential Dumping: LSASS Memory
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1003.002	OS Credential Dumping: Security Account Manager
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1003.003	OS Credential Dumping: NTDS
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1003.004	OS Credential Dumping: LSA Secrets
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1003.005	OS Credential Dumping: Cached Domain Credentials
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1003.006	OS Credential Dumping: DCSync
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1003.007	OS Credential Dumping: Proc Filesystem
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1003.008	OS Credential Dumping: /etc/passwd and /etc/shadow
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1056.004	Input Capture: Credential API Hooking
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1212	Exploitation for Credential Access
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1550.002	Use Alternate Authentication Material: Pass the Hash
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1552.001	Unsecured Credentials: Credentials in Files
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1552.002	Unsecured Credentials: Credentials in Registry
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1552.003	Unsecured Credentials: Bash History
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1552.004	Unsecured Credentials: Private Keys
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1552.005	Unsecured Credentials: Cloud Instance Metadata API
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1552.006	Unsecured Credentials: Group Policy Preferences
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1552.008	Unsecured Credentials: Chat Messages
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1555	Credentials from Password Stores
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1555.001	Credentials from Password Stores: Keychain
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1555.002	Credentials from Password Stores: Securityd Memory
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1555.003	Credentials from Password Stores: Credentials from Web Browser
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1555.004	Credentials from Password Stores: Windows Credential Manager
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1555.005	Credentials from Password Stores: Password Managers
action.malware.variety.Password dumper	Password dumper (extract credential hashes)	related-to	T1555.006	Credentials from Password Stores: Cloud Secrets Management Stores