ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CVE
Google Cloud Platform (GCP)
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 9.0 Enterprise and VERIS 1.3.5.
Change versions here.
Home
Mapping Frameworks
VERIS Home
RAM scraper or memory parser (capture data from volatile memory)
VERIS
action.malware.variety.RAM scraper
Mappings
Mappings
ATT&CK Version
9.0
ATT&CK Domain
Enterprise
VERIS
1.3.5
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.RAM scraper
RAM scraper or memory parser (capture data from volatile memory)
related-to
T1003.002
OS Credential Dumping: Security Account Manager
action.malware.variety.RAM scraper
RAM scraper or memory parser (capture data from volatile memory)
related-to
T1003.001
OS Credential Dumping: LSASS Memory
action.malware.variety.RAM scraper
RAM scraper or memory parser (capture data from volatile memory)
related-to
T1003.004
OS Credential Dumping: LSA Secrets
action.malware.variety.RAM scraper
RAM scraper or memory parser (capture data from volatile memory)
related-to
T1003.005
OS Credential Dumping: Cached Domain Credentials
action.malware.variety.RAM scraper
RAM scraper or memory parser (capture data from volatile memory)
related-to
T1555.002
Credentials from Password Stores: Securityd Memory