Technique List

Technique Name Technique ID's Categories Snippet(s) Rules(s) OS Creation Date
Default Windows Wallpaper Check U1351 Sandbox Evasion 2 weeks, 4 days
Event Triggered Execution: Linux Inotify U1245 T1546 Process Manipulating 1 month
Replication Through Removable Media U1012 T1091 Defense Evasion [Mitre], Others 2 months
VBA Purging U0524 Antivirus/EDR Evasion 3 months
QEMU CPU brand evasion U1350 Sandbox Evasion 3 months, 2 weeks
bochs CPU oversights evasion U1349 Sandbox Evasion 3 months, 3 weeks
Al-Khaser_WriteWatch U0134 Anti-Debugging 4 months
WinDefAVEmu_goatfiles U1348 Sandbox Evasion 4 months
IPV4/IPV6 Obfuscation U0710 Data Obfuscation 4 months
AppInit DLL Injection U1244 T1546 Process Manipulating, Defense Evasion [Mitre] 4 months
VboxEnumShares U1347 Sandbox Evasion 4 months
Cronos-Crypter U1437 Packers 4 months
Odd Thread Count U1346 Sandbox Evasion 4 months
Hyper-V Signature U1345 Sandbox Evasion 4 months
NtDelayExecution U1344 U0133 Sandbox Evasion, Anti-Debugging 4 months
Runtime Function Decryption U0523 Antivirus/EDR Evasion 8 months, 4 weeks
BlockInput U1011 Others 8 months, 4 weeks
Retrieve HDD Information U1343 Sandbox Evasion 9 months
BuildCommDCBAndTimeoutA U1342 T1497.002 Sandbox Evasion 9 months
LimeCrypter U1436 Packers 11 months
PyArmor U1435 Packers 11 months
NixImports U1434 Packers 11 months, 1 week
PowerShell Special Characters Obfuscation U0709 Data Obfuscation 11 months, 1 week
PureCrypter U1433 Packers 11 months, 1 week
TrueCrypt U1432 Packers 11 months, 2 weeks
EasyCrypter U1431 Packers 11 months, 2 weeks
FuncIn U0132 U0221 U0308 Antivirus/EDR Evasion, Anti-Debugging, Anti-Disassembly, Anti-Forensic 1 year
Process Argument Spoofing U1243 Process Manipulating 1 year
SMB / Named Pipes U9011 Network Evasion 1 year, 3 months
Right-to-Left Override (RLO) Extension Spoofing U1010 Others 1 year, 4 months
Filter
Clear