Detection Rule List

| Rule Name | Rule Type | Technique Count | Created (time ago) |
|---|---|---|---|
| CAPA_Unhook-FreeLibrary | CAPA | 1 | 2 years, 7 months |
| CAPA_Hook_Injection1 | CAPA | 0 | 2 years, 10 months |
| CAPA_Hook_Injection | CAPA | 0 | 2 years, 10 months |
| Detect Confuser | CAPA | 1 | 3 years, 4 months |
| CAPA_Detect_vmprotect | CAPA | 1 | 3 years, 4 months |
| CAPA_Detect_Petite | CAPA | 1 | 3 years, 4 months |
| CAPA_Detect_Themida | CAPA | 1 | 3 years, 4 months |
| CAPA_Detect_PeCompact | CAPA | 1 | 3 years, 4 months |
| CAPA_Detect_NSpack | CAPA | 1 | 3 years, 4 months |
| ASPack Packer Detection | CAPA | 1 | 3 years, 4 months |
| UPX Packer Detection | CAPA | 1 | 3 years, 4 months |
| CAPA_Detect_QEMU | CAPA | 0 | 3 years, 4 months |
| Check Sandbox Process | CAPA | 1 | 3 years, 4 months |
| Detect File Melt | CAPA | 1 | 3 years, 4 months |
| CAPA_Detect_Timestomp | CAPA | 1 | 3 years, 4 months |
| CAPA_FileVersion_Impersonation | CAPA | 1 | 3 years, 4 months |
| CAPA_check_PPID | CAPA | 1 | 3 years, 4 months |
| Check ICEBP | CAPA | 1 | 3 years, 4 months |
| CAPA_NtQueryInformation | CAPA | 1 | 3 years, 4 months |
| CAPA_Trap_Flag | CAPA | 1 | 3 years, 4 months |
| CAPA_Software_Breakpoint | CAPA | 1 | 3 years, 4 months |
| CAPA_debugger_api | CAPA | 1 | 3 years, 4 months |
| CAPA_debug_register | CAPA | 1 | 3 years, 4 months |
| CAPA_crash_eventlog | CAPA | 2 | 3 years, 4 months |
| CAPA_clear_log | CAPA | 1 | 3 years, 4 months |
| CAPA_timestomp | CAPA | 0 | 3 years, 4 months |
| CAPA_output_debug_string | CAPA | 1 | 3 years, 4 months |
| CAPA_QueryPerformanceCounter | CAPA | 1 | 3 years, 4 months |
| CAPA_device_pipe | CAPA | 0 | 3 years, 4 months |
| CAPA_detect_vm_process | CAPA | 2 | 3 years, 4 months |