Technique List
Technique Name | Technique ID's | Categories | Has Snippet(s) | Has Rules(s) | Creation Date |
---|---|---|---|---|---|
MEW | U1407 | Packers | 1 year, 9 months | ||
Themida | U1406 F0001.011 | Packers | 1 year, 9 months | ||
ExeStealth | U1405 | Packers | 1 year, 9 months | ||
Alternate EXE Packer | U1404 | Packers | 1 year, 9 months | ||
MPRESS | U1403 | Packers | 1 year, 9 months | ||
UPX: Ultimate Packer for Executables | U1402 F0001.008 | Packers | 1 year, 9 months | ||
Unloading Sysmon Driver | U0407 | Anti-Monitoring | 1 year, 9 months | ||
Shellcode Injection via CreateThreadpoolWait | U1236 | Process Manipulating | 1 year, 9 months | ||
Thwarting Stack-Frame Analysis | U0219 | Anti-Disassembly | 1 year, 10 months | ||
Misusing Structured Exception Handlers | U0218 B0032.016 | Anti-Disassembly | 1 year, 10 months | ||
ProcEnvInjection - Remote code injection by abusing process environment strings | U1235 | Process Manipulating | 1 year, 10 months | ||
Disabling Event Tracing for Windows (ETW) | U0306 | Anti-Forensic | 1 year, 11 months | ||
Anti-UPX Unpacking | U1008 | Others | 2 years | ||
Volume Shadow Copy Service (VSC,VSS) Deletion | U0305 T1070.004 | Anti-Forensic, Defense Evasion [Mitre] | 2 years, 1 month | ||
User Interaction (Are you human?) | U1339 E1204 | Sandbox Evasion | 2 years, 8 months | ||
Access Token Manipulation: Parent PID Spoofing | U1234 T1134.004 | Process Manipulating, Defense Evasion [Mitre] | 2 years, 8 months | ||
Killing Windows Event Log | U0304 | Anti-Forensic | 2 years, 8 months | ||
Process Ghosting | U1232 | Process Manipulating | 2 years, 10 months | ||
Process Herpaderping | U1231 | Process Manipulating | 2 years, 10 months | ||
LocalSize(0) | U0128 | Anti-Debugging | 2 years, 11 months | ||
Detecting Online Sandbox | U1338 | Sandbox Evasion | 3 years, 1 month | ||
File Melt | U1007 | Others | 3 years, 1 month | ||
Execution Guardrails: Environmental Keying | T1480.001 | Defense Evasion [Mitre] | 3 years, 5 months | ||
Indicator Removal: Timestomp | U0303 T1070.006 | Anti-Forensic, Defense Evasion [Mitre] | 3 years, 5 months | ||
Debug Registers, Hardware Breakpoints | U0127 B0001.005 | Anti-Debugging | 3 years, 5 months | ||
Anti Yara Rules | U1001 | Others | 3 years, 5 months | ||
Breaking BaDDEr | U1201 | Process Manipulating | 3 years, 5 months | ||
DNS API Injection | U1202 | Process Manipulating | 3 years, 5 months | ||
CLIPBRDWNDCLASS | U1203 | Process Manipulating | 3 years, 6 months | ||
WordWarping | U1204 | Process Manipulating | 3 years, 6 months |