Anti-Monitoring
Technique Name | Technique IDs | Has Snippet(s) | Has Rule(s) |
---|---|---|---|
Detecting Running Process: EnumProcess API | U0109 U0405 U1306 | ||
Kill Process | U0403 | ||
Parent Process Detection | U0404 | ||
Detecting Window with FindWindow API | U0406 U0123 | ||
Unloading Sysmon Driver | U0407 | ||
Checking Malware Name | U1303 U0401 |