Technique List

| Technique Name | Technique IDs | Categories | Has Snippet(s) | Has Rule(s) | Creation Date |
|---|---|---|---|---|---|
| Interrupts | U0106 | Anti-Debugging | | | 4 years |
| Performing Code Checksum | U0107 | Anti-Debugging | | | 4 years |
| Unhandled Exception Filter | U0108, B0001.030 | Anti-Debugging | | | 4 years |
| Bad String Format | U0104 | Anti-Debugging | | | 4 years |
| TLS Callback | U0124 | Anti-Debugging | | | 4 years |
| Detecting Running Process: EnumProcess API | U0109, U0405, U1306 | Sandbox Evasion, Anti-Monitoring, Anti-Debugging | | | 4 years |
| Detecting Window with FindWindow API | U0406, U0123 | Anti-Monitoring, Anti-Debugging | | | 4 years |
| GetLocalTime, GetSystemTime, timeGetTime, NtQueryPerformanceCounter | U0110, U1308, B0001.28 | Sandbox Evasion, Anti-Debugging | | | 4 years |
| GetTickCount | U0125, B0001.032 | Anti-Debugging | | | 4 years |
| RDTSC | U0126 | Anti-Debugging | | | 4 years |
| NtGlobalFlag | U0111, B0001.036 | Anti-Debugging | | | 4 years |
| Heap Flag | U0112, B0001.021 | Anti-Debugging | | | 4 years |
| IsDebugged Flag | U0113, B0001.019 | Anti-Debugging | | | 4 years |
| CloseHandle, NtClose | U0114, B0001.003 | Anti-Debugging | | | 4 years |
| CsrGetProcessID | U0115 | Anti-Debugging | | | 4 years |
| EventPairHandles | U0116 | Anti-Debugging | | | 4 years |
| OutputDebugString | U0117, B0001.016 | Anti-Debugging | | | 4 years |
| NtQueryObject | U0118, B0001.013 | Anti-Debugging | | | 4 years |
| NtSetInformationThread | U0119, B0001.014 | Anti-Debugging | | | 4 years |
| NtQueryInformationProcess | U0120, B0001.012 | Anti-Debugging | | | 4 years |
| CheckRemoteDebuggerPresent | U0121, B0001.002 | Anti-Debugging | | | 4 years |
| IsDebuggerPresent | U0122, B0001.008 | Anti-Debugging | | | 4 years |
| Fake Signature | U0506 | Antivirus/EDR Evasion | | | 4 years |
| Adding antivirus exception | U0507 | Antivirus/EDR Evasion | | | 4 years |
| Disabling Antivirus | U0508, F0004 | Antivirus/EDR Evasion | | | 4 years |
| File Splitting | U0509 | Antivirus/EDR Evasion | | | 4 years |
| Bypassing Static Heuristic | U0510 | Antivirus/EDR Evasion | | | 4 years |
| File Format Confusion | U0511 | Antivirus/EDR Evasion | | | 4 years |
| Big File | U0512 | Antivirus/EDR Evasion | | | 4 years |
| Fingerprinting Emulator | U0513 | Antivirus/EDR Evasion | | | 4 years |
