Technique List
| Technique Name | Technique ID's | Categories | Snippet(s) | Rules(s) | OS | Creation Date |
|---|---|---|---|---|---|---|
| Process Doppelgänging | U1215 | Process Manipulating | 6 years, 1 month | |||
| PE Injection | U1216 E1055.002 | Process Manipulating | 6 years, 1 month | |||
| IAT Hooking | U1217 F0015.003 | Process Manipulating | 6 years, 1 month | |||
| Injection using Shims | U1218 E1055.m03 | Process Manipulating | 6 years, 1 month | |||
| Extra Window Memory Injection | U1219 E1055.011 | Process Manipulating | 6 years, 1 month | |||
| Atom Bombing | U1220 | Process Manipulating | 6 years, 1 month | |||
| APC injection | U1221 E1055.004 | Process Manipulating | 6 years, 1 month | |||
| Image File Execution Options Injection | U1222 | Process Manipulating | 6 years, 1 month | |||
| Thread Execution Hijacking | U1223 E1055.003 | Process Manipulating | 6 years, 1 month | |||
| Reflective DLL injection | U1224 | Process Manipulating | 6 years, 1 month | |||
| SuspendThread | U0101 C0055 | Anti-Debugging | 6 years, 1 month | |||
| Guard Pages | U0102 B0006.006 | Anti-Debugging | 6 years, 1 month | |||
| NtSetDebugFilterState | U0103 | Anti-Debugging | 6 years, 1 month | |||
| Code Cave | U0502 | Antivirus/EDR Evasion | 6 years, 1 month | |||
| Stolen certificate | U0503 | Antivirus/EDR Evasion | 6 years, 1 month | |||
| Redirect Antivirus Website | U0504 | Antivirus/EDR Evasion | 6 years, 1 month | |||
| Time Bomb | U1005 B0007.008 | Sandbox Evasion, Others | 6 years, 1 month | |||
| Shortcut Hiding | U0505 | Antivirus/EDR Evasion | 6 years, 1 month | |||
| Geofencing | U1006 | Others | 6 years, 1 month | |||
| Custom Encoding | U0702 E1027.m03 | Data Obfuscation | 6 years, 1 month | |||
| Cryptography | U0703 E1027.m04 | Data Obfuscation | 6 years, 1 month | |||
| ROL | U0704 | Data Obfuscation | 6 years, 1 month | |||
| Caesar Cipher | U0705 | Data Obfuscation | 6 years, 1 month | |||
| Base64 | U0706 E1027.m02 | Data Obfuscation | 6 years, 1 month | |||
| XOR Operation | U0701 E1027.m02 | Data Obfuscation | 6 years, 1 month | |||
| FIleless Mechanisms | U1205 B0027.001 | Process Manipulating | 6 years, 1 month | |||
| DLL Injection via CreateRemoteThread and LoadLibrary | U1226 E1055.001 | Process Manipulating | 6 years, 1 month | |||
| Hook Injection | U1227 E1055.m01 | Process Manipulating | 6 years, 1 month | |||
| Entry Point Modification | U1228 | Process Manipulating | 6 years, 1 month | |||
| Parent Process Detection | U0404 | Anti-Monitoring | 6 years, 1 month |