GET /api/techniques/15/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, DELETE, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept
{
"id": 15,
"key": "checking-pipe",
"unprotect_id": "U1329",
"name": "Checking Pipe",
"description": "Cuckoo is a malware analysis system that uses a named pipe, called \\\\.\\pipe\\cuckoo, for communication between the host system (where the malware is being analyzed) and the guest system (where the malware is running). \r\n\r\nA malware that is running on the guest system can detect the presence of a virtual environment by attempting to access the \\\\.\\pipe\\cuckoo named pipe. If the named pipe exists, it indicates that the malware is running on a virtual machine being monitored by Cuckoo. This information can be used by the malware to adjust its behavior in order to evade detection or to avoid performing certain actions.",
"resources": "https://www.slideshare.net/ThomasRoccia/sandbox-evasion-cheat-sheet",
"creation_date": "2019-03-11T08:01:31Z",
"tags": "Sandbox,\r\nCuckoo,\r\nHost system,\r\nGuest system,\r\nCommunication,\r\nNamed pipe,\r\nVirtual environment,",
"modification_date": "2023-10-04T10:42:28.443000Z",
"category": [
1
],
"rules": [],
"attachments": [],
"featured_api": [],
"contributors": []
}
