Enum: MalwareCapabilityOv
Open vocabulary for malware capabilities (malware-capabilities-ov). Additional string values are allowed.
URI: attack:MalwareCapabilityOv
Permissible Values
| Value | Meaning | Description |
|---|---|---|
| accesses-remote-machines | None | |
| anti-debugging | None | |
| anti-disassembly | None | |
| anti-emulation | None | |
| anti-memory-forensics | None | |
| anti-sandbox | None | |
| anti-vm | None | |
| captures-input-peripherals | None | |
| captures-output-peripherals | None | |
| captures-system-state-data | None | |
| cleans-traces-of-infection | None | |
| commits-fraud | None | |
| communicates-with-c2 | None | |
| compromises-data-availability | None | |
| compromises-data-integrity | None | |
| compromises-system-availability | None | |
| controls-local-machine | None | |
| degrades-security-software | None | |
| degrades-system-updates | None | |
| determines-c2-server | None | |
| emails-spam | None | |
| escalates-privileges | None | |
| evades-av | None | |
| exfiltrates-data | None | |
| fingerprints-host | None | |
| hides-artifacts | None | |
| hides-executing-code | None | |
| infects-files | None | |
| infects-remote-machines | None | |
| installs-other-components | None | |
| persists-after-system-reboot | None | |
| prevents-artifact-access | None | |
| prevents-artifact-deletion | None | |
| probes-network-environment | None | |
| self-modifies | None | |
| steals-authentication-credentials | None | |
| violates-system-operational-integrity | None | |
Comments
- open_vocabulary: "true"
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/attack
LinkML Source
```yaml
name: MalwareCapabilityOv
description: Open vocabulary for malware capabilities (malware-capabilities-ov). Additional
  string values are allowed.
comments:
- 'open_vocabulary: "true"'
from_schema: https://w3id.org/lmodel/attack
rank: 1000
permissible_values:
  accesses-remote-machines:
    text: accesses-remote-machines
  anti-debugging:
    text: anti-debugging
  anti-disassembly:
    text: anti-disassembly
  anti-emulation:
    text: anti-emulation
  anti-memory-forensics:
    text: anti-memory-forensics
  anti-sandbox:
    text: anti-sandbox
  anti-vm:
    text: anti-vm
  captures-input-peripherals:
    text: captures-input-peripherals
  captures-output-peripherals:
    text: captures-output-peripherals
  captures-system-state-data:
    text: captures-system-state-data
  cleans-traces-of-infection:
    text: cleans-traces-of-infection
  commits-fraud:
    text: commits-fraud
  communicates-with-c2:
    text: communicates-with-c2
  compromises-data-availability:
    text: compromises-data-availability
  compromises-data-integrity:
    text: compromises-data-integrity
  compromises-system-availability:
    text: compromises-system-availability
  controls-local-machine:
    text: controls-local-machine
  degrades-security-software:
    text: degrades-security-software
  degrades-system-updates:
    text: degrades-system-updates
  determines-c2-server:
    text: determines-c2-server
  emails-spam:
    text: emails-spam
  escalates-privileges:
    text: escalates-privileges
  evades-av:
    text: evades-av
  exfiltrates-data:
    text: exfiltrates-data
  fingerprints-host:
    text: fingerprints-host
  hides-artifacts:
    text: hides-artifacts
  hides-executing-code:
    text: hides-executing-code
  infects-files:
    text: infects-files
  infects-remote-machines:
    text: infects-remote-machines
  installs-other-components:
    text: installs-other-components
  persists-after-system-reboot:
    text: persists-after-system-reboot
  prevents-artifact-access:
    text: prevents-artifact-access
  prevents-artifact-deletion:
    text: prevents-artifact-deletion
  probes-network-environment:
    text: probes-network-environment
  self-modifies:
    text: self-modifies
  steals-authentication-credentials:
    text: steals-authentication-credentials
  violates-system-operational-integrity:
    text: violates-system-operational-integrity
```