VERIS action.malware.variety.Disable controls Mappings

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1600 Weaken Encryption
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1212 Exploitation for Credential Access
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1497 Virtualization/Sandbox Evasion
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1006 Direct Volume Access
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1027 Obfuscated Files or Information
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1027.001 Obfuscated Files or Information: Binary Padding
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1027.002 Obfuscated Files or Information: Software Packaging
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1027.003 Obfuscated Files or Information: Steganography
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1027.004 Obfuscated Files or Information: Compile After Dilevery
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1027.005 Obfuscated Files or Information: Indicator Removal from Tools
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1036 Masquerading
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1036.001 Masquerading: Invalid Code Signature
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1036.002 Masquerading: Right-to-Left Override
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1036.003 Masquerading: Rename System Utilities
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1036.004 Masquerading: Masquerade Task or Service
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1036.005 Masquerading: Match Legitimate Name or Location
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1036.006 Masquerading: Space after Filename
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1222 File and Directory Permissions Modification
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1222.001 File and Directory Permissions Modification: Windows File and Directory Permissions Modification
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1222.002 File and Directory Permissions Modification: Linux and Mac File and Directory Permissions Modification
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1490 Inhibit System Recovery
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1497.001 Virtualization/Sandbox Evasion: System Checks
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1497.002 Virtualization/Sandbox Evasion: User Activity Based Checks
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1497.003 Virtualization/Sandbox Evasion: Time Based Evasion
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1553 Subvert Trust Contols
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1553.001 Subvert Trust Contols: Gatekeeper Bypass
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1553.002 Subvert Trust Contols: Code Signing
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1553.003 Subvert Trust Contols: SIP and Trust Provider Hijacking
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1553.004 Subvert Trust Contols: Install Root Certificate
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1553.005 Subvert Trust Contols: Mark-of-the-Web Bypass
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1553.006 Subvert Trust Contols: Code Signing Policy Modification
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562 Impair Defenses
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562.001 Impair Defenses: Disable or Modify Tools
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562.002 Impair Defenses: Disable Windows Event Logging
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562.003 Impair Defenses: Impair Command History Logging
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562.004 Impair Defenses: Disable or Modify System Firewall
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562.006 Impair Defenses: Indicator Blocking
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562.007 Impair Defenses: Disable or Modify Cloud Firewall
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1562.008 Impair Defenses: Disable Cloud Logs
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1574.012 Hijack Execution Flow: COR_PROFILER
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1600.001 Weaken Encryption: Reduce Key Space
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1600.002 Weaken Encryption: Disable Crypto Hardware
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1601 Modify System Image
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1601.001 Modify System Image: Patch System Image
action.malware.variety.Disable controls Disable or interfere with security controls related-to T1601.002 Modify System Image: Downgrade System Image