GET /api/techniques/367/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, DELETE, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept
{
"id": 367,
"key": "buildcommdcbandtimeouta",
"unprotect_id": "U1342, T1497.002",
"name": "BuildCommDCBAndTimeoutA",
"description": "This technique uses a `BuildCommDCBAndTimeoutsA` API call to determine if the malware is detonating in a sandbox. Normally, a bogus device string would cause this API call to fail. However, some malware sandbox environments may emulate in a way that allows the API call to succeed even when given a bogus device string.",
"windows": "",
"linux": "",
"macos": "",
"resources": "",
"creation_date": "2024-03-20T00:00:50.060144Z",
"tags": "BuildCommDCBAndTimeoutsA, sandbox evasion",
"modification_date": "2024-03-20T00:10:09.498989Z",
"category": [
1
],
"rules": [
156
],
"attachments": [],
"featured_api": [],
"contributors": [
35
]
}
