| Detecting Running Process: EnumProcess API |
U0109
U0405
U1306
|
|
|
| GetLocalTime, GetSystemTime, timeGetTime, NtQueryPerformanceCounter |
U0110
U1308
|
|
|
| Time Bomb |
U1005
|
|
|
| GetForegroundWindow |
U1301
|
|
|
| Thermal Zone Temperature |
U1302
|
|
|
| Checking Malware Name |
U1303
U0401
|
|
|
| RDTSCP |
U1304
|
|
|
| API Hammering |
U1305
|
|
|
| Connected Printer |
U1309
|
|
|
| Detecting USB Drive |
U1310
|
|
|
| Detecting Hostname, Username |
U1311
|
|
|
| Checking Hard Drive Size |
U1312
|
|
|
| Checking Memory Size |
U1313
|
|
|
| Checking Installed Software |
U1314
|
|
|
| Checking Screen Resolution |
U1315
|
|
|
| Checking Recent Office Files |
U1316
|
|
|
| Checking Mouse Activity |
U1317
|
|
|
| Stalling Code |
U1318
|
|
|
| Onset Delay |
U1320
|
|
|
| VPCEXT |
U1321
|
|
|
| VMCPUID |
U1322
|
|
|
| IN |
U1323
|
|
|
| CPUID |
U1324
|
|
|
| STR |
U1325
|
|
|
| SMSW |
U1326
|
|
|
| SLDT, No Pill |
U1327
|
|
|
| SIDT, Red Pill |
U1328
|
|
|
| Checking Pipe |
U1329
|
|
|
| Detecting Hooked Function |
U1330
|
|
|
| Checking Specific Folder Name |
U1331
|
|
|
| Detecting Virtual Environment Artefacts |
U1332
|
|
|
| Detecting Virtual Environment Files |
U1333
|
|
|
| Detecting Virtual Environment Process |
U1334
|
|
|
| Detecting Mac Address |
U1335
|
|
|
| Querying the I/O Communication Port |
U1336
|
|
|
| Detecting Active Services |
U1337
|
|
|
| Detecting Online Sandbox |
U1338
|
|
|
| User Interaction (Are you human?) |
U1339
|
|
|
