Detection Rule List
| Rule Name | Rule Type | Technique Count | Creation Date |
|---|---|---|---|
| CAPA_stackstring_obf | CAPA | 0 | 3 years |
| CAPA_mouse_cursor | CAPA | 1 | 3 years |
| CAPA_ntglobalflag | CAPA | 1 | 3 years |
| CAPA_debugged_flag | CAPA | 1 | 3 years |
| CAPA_gettickcount | CAPA | 1 | 3 years |
| CAPA_vm_instruction | CAPA | 0 | 3 years |
| CAPA_vm_artefact2 | CAPA | 1 | 3 years |
| CAPA_vm_registry | CAPA | 1 | 3 years |
| CAPA_localsize | CAPA | 1 | 3 years |
| CAPA_vm_artefact | CAPA | 1 | 3 years |
| CAPA_SetHandleInformation | CAPA | 1 | 3 years |
| CAPA_kill_process | CAPA | 1 | 3 years |
| CAPA_SANBOX_AV_CHECK | CAPA | 1 | 3 years |
| Delete Volume Shadow Copy | CAPA | 1 | 3 years |
| CAPA_sandbox_name | CAPA | 1 | 3 years |
| CAPA_resize_volume_shadow_copy_storage | CAPA | 0 | 3 years |