Anti-Forensic

Technique Name	Technique ID's	Has Snippet(s)	Has Rules(s)
Clear Windows Event Logs	T1070.001 U0302
Wiping or Encrypting	U0301
Timestomp	U0303 T1070.006
Killing Windows Event Log	U0304
Volume Shadow Copy Service (VSC,VSS) Deletion	U0305 T1070.004
Disabling Event Tracing for Windows (ETW)	U0306
Windows Event Log Evasion via Native APIs	U0307