GET /api/techniques/13/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, DELETE, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept
{
"id": 13,
"key": "checking-specific-folder-name",
"unprotect_id": "U1331",
"name": "Checking Specific Folder Name",
"description": "Specific directories, such as \"C:\\Cuckoo\", can serve as indicators of a sandboxed or virtualized environment when present on a guest system. Consequently, a savvy piece of malware could potentially use the detection of this particular directory as a means of evading analysis. This would allow the malicious software to alter its behavior or even halt its execution altogether when it identifies such markers, thus skirting the sandbox and avoiding detection.",
"resources": "https://www.slideshare.net/ThomasRoccia/sandbox-evasion-cheat-sheet",
"creation_date": "2019-03-11T07:59:28Z",
"tags": "Special path, Cuckoo, Guest system, Malware, Sandbox evasion",
"modification_date": "2023-10-04T10:42:06.572000Z",
"category": [
1
],
"rules": [],
"attachments": [],
"featured_api": [
23,
381
],
"contributors": []
}
