{"description": "Enterprise techniques used by AcidRain, ATT&CK software S1125 (v1.1)", "name": "AcidRain (S1125)", "domain": "enterprise-attack", "versions": {"layer": "4.5", "attack": "17", "navigator": "5.1.0"}, "techniques": [{"techniqueID": "T1485", "comment": "[AcidRain](https://attack.mitre.org/software/S1125) performs an in-depth wipe of the target filesystem and various attached storage devices through either a data overwrite or calling various IOCTLS to erase it.(Citation: AcidRain JAGS 2022)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T1561", "showSubtechniques": true}, {"techniqueID": "T1561.001", "comment": "[AcidRain](https://attack.mitre.org/software/S1125) iterates over device file identifiers on the target, opens the device file, and either overwrites the file or calls various IOCTLS commands to erase it.(Citation: AcidRain JAGS 2022)", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1083", "comment": "[AcidRain](https://attack.mitre.org/software/S1125) identifies specific files and directories in the Linux operating system associated with storage devices.(Citation: AcidRain JAGS 2022)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T1529", "comment": "[AcidRain](https://attack.mitre.org/software/S1125) reboots the target system once the various wiping processes are complete.(Citation: AcidRain JAGS 2022)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}], "gradient": {"colors": ["#ffffff", "#66b1ff"], "minValue": 0, "maxValue": 1}, "legendItems": [{"label": "used by AcidRain", "color": "#66b1ff"}]}