TA0001 5
Initial Access
T1078Valid Accounts
T1190Exploit Public-Facing Application
T1199Trusted Relationship
T1566Phishing
T1566.001Phishing: Spearphishing Attachment
TA0003 2
Persistence
T1053Scheduled Task/Job
T1053.003Scheduled Task/Job: Cron
TA0004 0
Privilege Escalation
TA0005 4
Defense Evasion
T1027Obfuscated Files or Information
T1112Modify Registry
T1562Impair Defenses
T1562.001Impair Defenses: Disable or Modify Tools
TA0006 1
Credential Access
T1003OS Credential Dumping
TA0007 4
Discovery
T1018Remote System Discovery
T1083File and Directory Discovery
T1614System Location Discovery
T1614.001System Location Discovery: System Language Discovery
TA0008 1
Lateral Movement
T1021Remote Services
TA0009 1
Collection
T1560Archive Collected Data
TA0010 1
Exfiltration
T1567Exfiltration Over Web Service
TA0011 1
Command & Control
T1219Remote Access Tools
TA0040 3
Impact
T1486Data Encrypted for Impact
T1489Service Stop
T1490Inhibit System Recovery