Unprotect Project
Detection Rule List
| Rule Name | Rule Type | Technique Count | Creation Date |
|---|---|---|---|
| CAPA_Check_ICEBP | CAPA | 1 | 1 week, 1 day |
| CAPA_NtQueryInformation | CAPA | 1 | 1 week, 1 day |
| CAPA_Trap_Flag | CAPA | 1 | 1 week, 1 day |
| CAPA_Software_Breakpoint | CAPA | 1 | 1 week, 1 day |
| YARA_Detect_EventLogTampering | YARA | 1 | 1 week, 2 days |
| YARA_Detect_FindWindow | YARA | 1 | 2 weeks |
| YARA_Detect_LocalSize | YARA | 1 | 2 weeks |
| YARA_Detect_RDTSC | YARA | 1 | 2 weeks |
| YARA_Detect_NtQueryInformationProcess | YARA | 1 | 2 weeks |
| YARA_Detect_NtSetInformationThread | YARA | 1 | 2 weeks |
| YARA_Detect_NtQueryObject | YARA | 1 | 2 weeks |
| Yara_Detect_OutputDebugString | YARA | 1 | 2 weeks |
| YARA_Detect_EventPairHandles | YARA | 1 | 2 weeks |
| YARA_Detect_CsrGetProcessID | YARA | 1 | 2 weeks |
| YARA_Detect_CloseHandle | YARA | 1 | 2 weeks |
| Detect_EnumProcess | YARA | 1 | 2 weeks |
| YARA_Detect_ExceptionHandler | YARA | 1 | 2 weeks |
| Detect_Interrupts | YARA | 3 | 2 weeks |
| Detect_OllyDbg_BadFormat_Trick | YARA | 1 | 2 weeks |
| YARA_Detect_GuardPages | YARA | 1 | 2 weeks |
| YARA_Detect_IsDebuggerPresent | YARA | 1 | 2 weeks |
| YARA_Detect_SetDebugFilterState | YARA | 1 | 2 weeks |
| YARA_Detect_SuspendThread | YARA | 1 | 2 weeks |
| YARA_QEMU_REGISTRY | YARA | 1 | 2 weeks, 2 days |
| YARA_DebuggerCheck__RemoteAPI | YARA | 0 | 2 weeks, 2 days |
| YARA_DebuggerCheck_GlobalFlags | YARA | 1 | 2 weeks, 2 days |
| YARA_detect_tlscallback | YARA | 1 | 2 weeks, 2 days |
| YARA_Findcrypt | YARA | 2 | 2 weeks, 2 days |
| YARA_Check_installed_software | YARA | 0 | 2 weeks, 2 days |
| YARA_wiping_event | YARA | 0 | 2 weeks, 2 days |