Detection Rule List

Rule Name Rule Type Technique Count Creation Date
YARA_Detect_AntiVMWithTemperature YARA 0 2 weeks, 2 days
YARA_SHADOW_COPY_DELETION YARA 1 2 weeks, 2 days
YARA_disable_process YARA 1 2 weeks, 2 days
YARA_Detect_Possible_GetForegroundWindow_Evasion YARA 0 2 weeks, 2 days
YARA_uac_bypass YARA 1 2 weeks, 2 days
YARA_mac_detection YARA 0 2 weeks, 2 days
YARA_PACKER_antiunpack YARA 1 2 weeks, 2 days
YARA_Shamoon_Wiper YARA 1 2 weeks, 2 days
YARA_disable_antivirus YARA 0 2 weeks, 2 days
YARA_VBOX_REGISTRY YARA 1 2 weeks, 2 days
CAPA_output_debug_string CAPA 1 2 weeks, 2 days
CAPA_debugger_api CAPA 1 2 weeks, 2 days
CAPA_debug_register CAPA 1 2 weeks, 2 days
CAPA_crash_eventlog CAPA 2 2 weeks, 2 days
CAPA_clear_log CAPA 1 2 weeks, 2 days
CAPA_timestomp CAPA 0 2 weeks, 2 days
CAPA_QueryPerformanceCounter CAPA 1 2 weeks, 2 days
CAPA_device_pipe CAPA 0 2 weeks, 2 days
CAPA_detect_vm_process CAPA 2 2 weeks, 2 days
CAPA_stackstring_obf CAPA 0 2 weeks, 2 days
CAPA_mouse_cursor CAPA 1 2 weeks, 2 days
CAPA_ntglobalflag CAPA 1 2 weeks, 2 days
CAPA_debugged_flag CAPA 1 2 weeks, 2 days
CAPA_gettickcount CAPA 1 2 weeks, 2 days
CAPA_vm_instruction CAPA 0 2 weeks, 2 days
CAPA_vm_artefact2 CAPA 1 2 weeks, 2 days
CAPA_vm_registry CAPA 1 2 weeks, 2 days
CAPA_localsize CAPA 1 2 weeks, 2 days
CAPA_vm_artefact CAPA 1 2 weeks, 2 days
CAPA_SetHandleInformation CAPA 1 2 weeks, 2 days
Filter
Clear