Technique List

Technique Name Technique ID's Categories Has Snippet(s) Has Rules(s) Creation Date
Volume Shadow Copy Service (VSC,VSS) Deletion U0305 T1070.004 Defense Evasion [Mitre], Anti-Forensic 1 year, 7 months
User Interaction (Are you human?) U1339 E1204 Sandbox Evasion 2 years, 2 months
Access Token Manipulation: Parent PID Spoofing U1234 T1134.004 Defense Evasion [Mitre], Process Manipulating 2 years, 2 months
Killing Windows Event Log U0304 Anti-Forensic 2 years, 2 months
Process Ghosting U1232 Process Manipulating 2 years, 3 months
Process Herpaderping U1231 Process Manipulating 2 years, 3 months
LocalSize(0) U0128 Anti-Debugging 2 years, 5 months
Detecting Online Sandbox U1338 Sandbox Evasion 2 years, 6 months
File Melt U1007 Others 2 years, 7 months
Execution Guardrails: Environmental Keying T1480.001 Defense Evasion [Mitre] 2 years, 10 months
Indicator Removal: Timestomp U0303 T1070.006 Defense Evasion [Mitre], Anti-Forensic 2 years, 10 months
Debug Registers, Hardware Breakpoints U0127 B0001.005 Anti-Debugging 2 years, 10 months
Anti Yara Rules U1001 Others 2 years, 10 months
Breaking BaDDEr U1201 Process Manipulating 2 years, 11 months
DNS API Injection U1202 Process Manipulating 2 years, 11 months
CLIPBRDWNDCLASS U1203 Process Manipulating 2 years, 11 months
WordWarping U1204 Process Manipulating 2 years, 11 months
EditWordBreakProc U1229 Process Manipulating 2 years, 11 months
OLEUM U1206 Process Manipulating 2 years, 11 months
Listplanting U1207 Process Manipulating 2 years, 11 months
Treepoline U1208 Process Manipulating 2 years, 11 months
ConsoleWindowClass U1209 Process Manipulating 2 years, 11 months
Bypass User Account Control T1548.002 Defense Evasion [Mitre] 2 years, 11 months
GetForegroundWindow U1301 Sandbox Evasion 2 years, 12 months
Thermal Zone Temperature U1302 Sandbox Evasion 3 years
Checking Malware Name U1303 U0401 Sandbox Evasion, Anti-Monitoring 3 years
RDTSCP U1304 Sandbox Evasion 3 years
API Hammering U1305 B0003.012 Sandbox Evasion 3 years
Process Reimaging U1210 Process Manipulating 3 years, 4 months
Malvertising U1002 Others 4 years, 5 months
Filter
Clear