VERIS action.malware.variety.Capture app data Mappings

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
action.malware.variety.Capture app data Capture data from application or system process related-to T1539 Steal Web Session Cookie
action.malware.variety.Capture app data Capture data from application or system process related-to T1185 Man in the Browser
action.malware.variety.Capture app data Capture data from application or system process related-to T1056 Input Capture
action.malware.variety.Capture app data Capture data from application or system process related-to T1056.001 Input Capture: Keylogging
action.malware.variety.Capture app data Capture data from application or system process related-to T1056.002 Input Capture: GUI Input Capture
action.malware.variety.Capture app data Capture data from application or system process related-to T1056.003 Input Capture: Web Portal Capture
action.malware.variety.Capture app data Capture data from application or system process related-to T1056.004 Input Capture: Credential API Hooking
action.malware.variety.Capture app data Capture data from application or system process related-to T1113 Screen Capture
action.malware.variety.Capture app data Capture data from application or system process related-to T1114 Email Collection
action.malware.variety.Capture app data Capture data from application or system process related-to T1114.001 Email Collection: Local Email Collection
action.malware.variety.Capture app data Capture data from application or system process related-to T1114.002 Email Collection: Remote Email Collection
action.malware.variety.Capture app data Capture data from application or system process related-to T1114.003 Email Collection: Email Forwarding Rule
action.malware.variety.Capture app data Capture data from application or system process related-to T1123 Audio Capture
action.malware.variety.Capture app data Capture data from application or system process related-to T1125 Video Capture
action.malware.variety.Capture app data Capture data from application or system process related-to T1176 Browser Extensions
action.malware.variety.Capture app data Capture data from application or system process related-to T1207 Rogue Domain Controller
action.malware.variety.Capture app data Capture data from application or system process related-to T1217 Browser Bookmark Discovery
action.malware.variety.Capture app data Capture data from application or system process related-to T1528 Steal Application Access Token