Technique List
Technique Name | Technique ID's | Categories | Snippet(s) | Rules(s) | OS | Creation Date |
---|---|---|---|---|---|---|
Replication Through Removable Media | U1012 T1091 | Defense Evasion [Mitre], Others | 1 week, 4 days | |||
VBA Purging | U0524 | Antivirus/EDR Evasion | 1 month, 1 week | |||
QEMU CPU brand evasion | U1350 | Sandbox Evasion | 1 month, 3 weeks | |||
bochs CPU oversights evasion | U1349 | Sandbox Evasion | 1 month, 4 weeks | |||
Al-Khaser_WriteWatch | U0134 | Anti-Debugging | 2 months, 1 week | |||
WinDefAVEmu_goatfiles | U1348 | Sandbox Evasion | 2 months, 1 week | |||
IPV4/IPV6 Obfuscation | U0710 | Data Obfuscation | 2 months, 1 week | |||
AppInit DLL Injection | U1244 T1546 | Process Manipulating, Defense Evasion [Mitre] | 2 months, 1 week | |||
VboxEnumShares | U1347 | Sandbox Evasion | 2 months, 1 week | |||
Cronos-Crypter | U1437 | Packers | 2 months, 1 week | |||
Odd Thread Count | U1346 | Sandbox Evasion | 2 months, 1 week | |||
Hyper-V Signature | U1345 | Sandbox Evasion | 2 months, 1 week | |||
NtDelayExecution | U1344 U0133 | Sandbox Evasion, Anti-Debugging | 2 months, 1 week | |||
Runtime Function Decryption | U0523 | Antivirus/EDR Evasion | 7 months, 1 week | |||
BlockInput | U1011 | Others | 7 months, 1 week | |||
Retrieve HDD Information | U1343 | Sandbox Evasion | 7 months, 1 week | |||
BuildCommDCBAndTimeoutA | U1342 T1497.002 | Sandbox Evasion | 7 months, 1 week | |||
LimeCrypter | U1436 | Packers | 9 months, 1 week | |||
PyArmor | U1435 | Packers | 9 months, 1 week | |||
NixImports | U1434 | Packers | 9 months, 2 weeks | |||
PowerShell Special Characters Obfuscation | U0709 | Data Obfuscation | 9 months, 2 weeks | |||
PureCrypter | U1433 | Packers | 9 months, 2 weeks | |||
TrueCrypt | U1432 | Packers | 9 months, 3 weeks | |||
EasyCrypter | U1431 | Packers | 9 months, 3 weeks | |||
FuncIn | U0132 U0221 U0308 | Antivirus/EDR Evasion, Anti-Debugging, Anti-Disassembly, Anti-Forensic | 10 months, 2 weeks | |||
Process Argument Spoofing | U1243 | Process Manipulating | 10 months, 2 weeks | |||
SMB / Named Pipes | U9011 | Network Evasion | 1 year, 2 months | |||
Right-to-Left Override (RLO) Extension Spoofing | U1010 | Others | 1 year, 2 months | |||
DLL Unhooking | U0522 | Antivirus/EDR Evasion | 1 year, 3 months | |||
Shikata Ga Nai (SGN) | U0708 | Data Obfuscation | 1 year, 3 months |