
Technique List
Technique Name | Technique IDs | Categories | Has Snippet(s) | Has Rule(s) | Creation Date |
---|---|---|---|---|---|
Interrupts | U0106 | Anti-Debugging | | | 4 years |
Performing Code Checksum | U0107 | Anti-Debugging | | | 4 years |
Unhandled Exception Filter | U0108, B0001.030 | Anti-Debugging | | | 4 years |
Bad String Format | U0104 | Anti-Debugging | | | 4 years |
TLS Callback | U0124 | Anti-Debugging | | | 4 years |
Detecting Running Process: EnumProcess API | U0109, U0405, U1306 | Sandbox Evasion, Anti-Monitoring, Anti-Debugging | | | 4 years |
Detecting Window with FindWindow API | U0406, U0123 | Anti-Monitoring, Anti-Debugging | | | 4 years |
GetLocalTime, GetSystemTime, timeGetTime, NtQueryPerformanceCounter | U0110, U1308, B0001.28 | Sandbox Evasion, Anti-Debugging | | | 4 years |
GetTickCount | U0125, B0001.032 | Anti-Debugging | | | 4 years |
RDTSC | U0126 | Anti-Debugging | | | 4 years |
NtGlobalFlag | U0111, B0001.036 | Anti-Debugging | | | 4 years |
Heap Flag | U0112, B0001.021 | Anti-Debugging | | | 4 years |
IsDebugged Flag | U0113, B0001.019 | Anti-Debugging | | | 4 years |
CloseHandle, NtClose | U0114, B0001.003 | Anti-Debugging | | | 4 years |
CsrGetProcessID | U0115 | Anti-Debugging | | | 4 years |
EventPairHandles | U0116 | Anti-Debugging | | | 4 years |
OutputDebugString | U0117, B0001.016 | Anti-Debugging | | | 4 years |
NtQueryObject | U0118, B0001.013 | Anti-Debugging | | | 4 years |
NtSetInformationThread | U0119, B0001.014 | Anti-Debugging | | | 4 years |
NtQueryInformationProcess | U0120, B0001.012 | Anti-Debugging | | | 4 years |
CheckRemoteDebuggerPresent | U0121, B0001.002 | Anti-Debugging | | | 4 years |
IsDebuggerPresent | U0122, B0001.008 | Anti-Debugging | | | 4 years |
Fake Signature | U0506 | Antivirus/EDR Evasion | | | 4 years |
Adding antivirus exception | U0507 | Antivirus/EDR Evasion | | | 4 years |
Disabling Antivirus | U0508, F0004 | Antivirus/EDR Evasion | | | 4 years |
File Splitting | U0509 | Antivirus/EDR Evasion | | | 4 years |
Bypassing Static Heuristic | U0510 | Antivirus/EDR Evasion | | | 4 years |
File Format Confusion | U0511 | Antivirus/EDR Evasion | | | 4 years |
Big File | U0512 | Antivirus/EDR Evasion | | | 4 years |
Fingerprinting Emulator | U0513 | Antivirus/EDR Evasion | | | 4 years |