Technique List
| Technique Name | Technique ID's | Categories | Snippet(s) | Rules(s) | OS | Creation Date |
|---|---|---|---|---|---|---|
| Replication Through Removable Media | U1012 T1091 | Defense Evasion [Mitre], Others | 3 days, 16 hours | |||
| VBA Purging | U0524 | Antivirus/EDR Evasion | 1 month | |||
| QEMU CPU brand evasion | U1350 | Sandbox Evasion | 1 month, 2 weeks | |||
| bochs CPU oversights evasion | U1349 | Sandbox Evasion | 1 month, 3 weeks | |||
| Al-Khaser_WriteWatch | U0134 | Anti-Debugging | 2 months | |||
| WinDefAVEmu_goatfiles | U1348 | Sandbox Evasion | 2 months | |||
| IPV4/IPV6 Obfuscation | U0710 | Data Obfuscation | 2 months | |||
| AppInit DLL Injection | U1244 T1546 | Process Manipulating, Defense Evasion [Mitre] | 2 months | |||
| VboxEnumShares | U1347 | Sandbox Evasion | 2 months | |||
| Cronos-Crypter | U1437 | Packers | 2 months | |||
| Odd Thread Count | U1346 | Sandbox Evasion | 2 months | |||
| Hyper-V Signature | U1345 | Sandbox Evasion | 2 months | |||
| NtDelayExecution | U1344 U0133 | Sandbox Evasion, Anti-Debugging | 2 months | |||
| Runtime Function Decryption | U0523 | Antivirus/EDR Evasion | 6 months, 4 weeks | |||
| BlockInput | U1011 | Others | 6 months, 4 weeks | |||
| Retrieve HDD Information | U1343 | Sandbox Evasion | 7 months | |||
| BuildCommDCBAndTimeoutA | U1342 T1497.002 | Sandbox Evasion | 7 months | |||
| LimeCrypter | U1436 | Packers | 9 months | |||
| PyArmor | U1435 | Packers | 9 months | |||
| NixImports | U1434 | Packers | 9 months, 1 week | |||
| PowerShell Special Characters Obfuscation | U0709 | Data Obfuscation | 9 months, 1 week | |||
| PureCrypter | U1433 | Packers | 9 months, 1 week | |||
| TrueCrypt | U1432 | Packers | 9 months, 2 weeks | |||
| EasyCrypter | U1431 | Packers | 9 months, 2 weeks | |||
| FuncIn | U0132 U0221 U0308 | Antivirus/EDR Evasion, Anti-Debugging, Anti-Disassembly, Anti-Forensic | 10 months, 1 week | |||
| Process Argument Spoofing | U1243 | Process Manipulating | 10 months, 1 week | |||
| SMB / Named Pipes | U9011 | Network Evasion | 1 year, 1 month | |||
| Right-to-Left Override (RLO) Extension Spoofing | U1010 | Others | 1 year, 2 months | |||
| DLL Unhooking | U0522 | Antivirus/EDR Evasion | 1 year, 3 months | |||
| Shikata Ga Nai (SGN) | U0708 | Data Obfuscation | 1 year, 3 months |