Detection Rule List

Rule Name | Rule Type | Technique Count | Creation Date
CAPA_Check_ICEBP | CAPA | 1 | 5 months
CAPA_NtQueryInformation | CAPA | 1 | 5 months
CAPA_Trap_Flag | CAPA | 1 | 5 months
CAPA_Software_Breakpoint | CAPA | 1 | 5 months
YARA_Detect_EventLogTampering | YARA | 1 | 5 months
YARA_Detect_FindWindow | YARA | 1 | 5 months, 1 week
YARA_Detect_LocalSize | YARA | 1 | 5 months, 1 week
YARA_Detect_RDTSC | YARA | 1 | 5 months, 1 week
YARA_Detect_NtQueryInformationProcess | YARA | 1 | 5 months, 1 week
YARA_Detect_NtSetInformationThread | YARA | 1 | 5 months, 1 week
YARA_Detect_NtQueryObject | YARA | 1 | 5 months, 1 week
Yara_Detect_OutputDebugString | YARA | 1 | 5 months, 1 week
YARA_Detect_EventPairHandles | YARA | 1 | 5 months, 1 week
YARA_Detect_CsrGetProcessID | YARA | 1 | 5 months, 1 week
YARA_Detect_CloseHandle | YARA | 1 | 5 months, 1 week
Detect_EnumProcess | YARA | 1 | 5 months, 1 week
YARA_Detect_ExceptionHandler | YARA | 1 | 5 months, 1 week
Detect_Interrupts | YARA | 3 | 5 months, 1 week
Detect_OllyDbg_BadFormat_Trick | YARA | 1 | 5 months, 1 week
YARA_Detect_GuardPages | YARA | 1 | 5 months, 1 week
YARA_Detect_IsDebuggerPresent | YARA | 1 | 5 months, 1 week
YARA_Detect_SetDebugFilterState | YARA | 1 | 5 months, 1 week
YARA_Detect_SuspendThread | YARA | 1 | 5 months, 1 week
YARA_detect_tlscallback | YARA | 1 | 5 months, 1 week
YARA_DebuggerCheck_GlobalFlags | YARA | 1 | 5 months, 1 week
YARA_wiping_event | YARA | 0 | 5 months, 1 week
YARA_DebuggerCheck__RemoteAPI | YARA | 0 | 5 months, 1 week
YARA_Detect_AntiVMWithTemperature | YARA | 0 | 5 months, 1 week
YARA_QEMU_REGISTRY | YARA | 1 | 5 months, 1 week
YARA_Detect_Possible_GetForegroundWindow_Evasion | YARA | 0 | 5 months, 1 week
