Detection Rule List
| Rule Name | Rule Type | Technique Count | Creation Date |
|---|---|---|---|
| CAPA_stackstring_obf | CAPA | 0 | 2 years, 1 month |
| CAPA_mouse_cursor | CAPA | 1 | 2 years, 1 month |
| CAPA_ntglobalflag | CAPA | 1 | 2 years, 1 month |
| CAPA_debugged_flag | CAPA | 1 | 2 years, 1 month |
| CAPA_gettickcount | CAPA | 1 | 2 years, 1 month |
| CAPA_vm_instruction | CAPA | 0 | 2 years, 1 month |
| CAPA_vm_artefact2 | CAPA | 1 | 2 years, 1 month |
| CAPA_vm_registry | CAPA | 1 | 2 years, 1 month |
| CAPA_localsize | CAPA | 1 | 2 years, 1 month |
| CAPA_vm_artefact | CAPA | 1 | 2 years, 1 month |
| CAPA_SetHandleInformation | CAPA | 1 | 2 years, 1 month |
| CAPA_kill_process | CAPA | 1 | 2 years, 1 month |
| CAPA_SANBOX_AV_CHECK | CAPA | 1 | 2 years, 1 month |
| CAPA_Delete_Volume_Shadow_Copy | CAPA | 1 | 2 years, 1 month |
| CAPA_sandbox_name | CAPA | 1 | 2 years, 1 month |
| CAPA_resize_volume_shadow_copy_storage | CAPA | 0 | 2 years, 1 month |