Technique List

| Technique Name | Technique IDs | Categories | Snippet(s) | Rule(s) | OS | Creation Date |
|---|---|---|---|---|---|---|
| Process Doppelgänging | U1215 | Process Manipulating | | | | 6 years, 2 months |
| PE Injection | U1216, E1055.002 | Process Manipulating | | | | 6 years, 2 months |
| IAT Hooking | U1217, F0015.003 | Process Manipulating | | | | 6 years, 2 months |
| Injection using Shims | U1218, E1055.m03 | Process Manipulating | | | | 6 years, 2 months |
| Extra Window Memory Injection | U1219, E1055.011 | Process Manipulating | | | | 6 years, 2 months |
| Atom Bombing | U1220 | Process Manipulating | | | | 6 years, 2 months |
| APC injection | U1221, E1055.004 | Process Manipulating | | | | 6 years, 2 months |
| Image File Execution Options Injection | U1222 | Process Manipulating | | | | 6 years, 2 months |
| Thread Execution Hijacking | U1223, E1055.003 | Process Manipulating | | | | 6 years, 2 months |
| Reflective DLL injection | U1224 | Process Manipulating | | | | 6 years, 2 months |
| SuspendThread | U0101, C0055 | Anti-Debugging | | | | 6 years, 2 months |
| Guard Pages | U0102, B0006.006 | Anti-Debugging | | | | 6 years, 2 months |
| NtSetDebugFilterState | U0103 | Anti-Debugging | | | | 6 years, 2 months |
| Code Cave | U0502 | Antivirus/EDR Evasion | | | | 6 years, 2 months |
| Stolen certificate | U0503 | Antivirus/EDR Evasion | | | | 6 years, 2 months |
| Redirect Antivirus Website | U0504 | Antivirus/EDR Evasion | | | | 6 years, 2 months |
| Time Bomb | U1005, B0007.008 | Sandbox Evasion, Others | | | | 6 years, 2 months |
| Shortcut Hiding | U0505 | Antivirus/EDR Evasion | | | | 6 years, 2 months |
| Geofencing | U1006 | Others | | | | 6 years, 2 months |
| Custom Encoding | U0702, E1027.m03 | Data Obfuscation | | | | 6 years, 2 months |
| Cryptography | U0703, E1027.m04 | Data Obfuscation | | | | 6 years, 2 months |
| ROL | U0704 | Data Obfuscation | | | | 6 years, 2 months |
| Caesar Cipher | U0705 | Data Obfuscation | | | | 6 years, 2 months |
| Base64 | U0706, E1027.m02 | Data Obfuscation | | | | 6 years, 2 months |
| XOR Operation | U0701, E1027.m02 | Data Obfuscation | | | | 6 years, 2 months |
| Fileless Mechanisms | U1205, B0027.001 | Process Manipulating | | | | 6 years, 2 months |
| DLL Injection via CreateRemoteThread and LoadLibrary | U1226, E1055.001 | Process Manipulating | | | | 6 years, 2 months |
| Hook Injection | U1227, E1055.m01 | Process Manipulating | | | | 6 years, 2 months |
| Entry Point Modification | U1228 | Process Manipulating | | | | 6 years, 2 months |
| Parent Process Detection | U0404 | Anti-Monitoring | | | | 6 years, 2 months |
