ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CSA Cloud Controls Matrix (CCM)
CRI Profile
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 9.0 Enterprise and VERIS 1.3.5.
Change versions here.
Home
Mapping Frameworks
VERIS Home
RAM scraper or memory parser (capture data from volatile memory)
VERIS
action.malware.variety.RAM scraper
Mappings
ATT&CK Version
9.0
ATT&CK Domain
Enterprise
VERIS
1.3.5
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.RAM scraper
RAM scraper or memory parser (capture data from volatile memory)
related-to
T1003.002
OS Credential Dumping: Security Account Manager
action.malware.variety.RAM scraper
RAM scraper or memory parser (capture data from volatile memory)
related-to
T1003.001
OS Credential Dumping: LSASS Memory
action.malware.variety.RAM scraper
RAM scraper or memory parser (capture data from volatile memory)
related-to
T1003.004
OS Credential Dumping: LSA Secrets
action.malware.variety.RAM scraper
RAM scraper or memory parser (capture data from volatile memory)
related-to
T1003.005
OS Credential Dumping: Cached Domain Credentials
action.malware.variety.RAM scraper
RAM scraper or memory parser (capture data from volatile memory)
related-to
T1555.002
Credentials from Password Stores: Securityd Memory
