Technique List
| Technique Name | Technique ID's | Categories | Has Snippet(s) | Has Rules(s) | Creation Date |
|---|---|---|---|---|---|
| C2 via Social Networks | U0901 | Network Evasion | 4 years, 7 months | ||
| Peer to peer C2 | U0902 | Network Evasion | 4 years, 7 months | ||
| Tor Network C2 | U0903 | Network Evasion | 4 years, 7 months | ||
| DNS Hijacking | U0904 E1643.m01 | Network Evasion | 4 years, 7 months | ||
| DNS Tunneling | U0905 T1048.003 | Defense Evasion [Mitre], Network Evasion | 4 years, 7 months | ||
| Domain Generation Algorithm | U0906 B0031 | Network Evasion | 4 years, 7 months | ||
| Fast Flux | U0907 | Network Evasion | 4 years, 7 months | ||
| NTFS Files Attributes | U0501 | Antivirus/EDR Evasion | 4 years, 8 months | ||
| Hiding Mechanisms | U1003 | Others | 4 years, 8 months | ||
| Wiping or Encrypting | U0301 | Anti-Forensic | 4 years, 8 months | ||
| Indicator Removal: Clear Windows Event Logs | T1070.001 U0302 | Defense Evasion [Mitre], Anti-Forensic | 4 years, 8 months | ||
| Kill Process | U0403 | Anti-Monitoring | 4 years, 8 months | ||
| Opaque Predicate | U0201 B0032.019 | Anti-Disassembly | 4 years, 8 months | ||
| Code Transposition | U0202 | Anti-Disassembly | 4 years, 8 months | ||
| Register Reassignment | U0203 | Anti-Disassembly | 4 years, 8 months | ||
| Inserting Garbage Bytes | U0204 B0032.007 | Anti-Disassembly | 4 years, 8 months | ||
| Call Trick | U0205 | Anti-Disassembly | 4 years, 8 months | ||
| NOP Sled | U0206 | Anti-Disassembly | 4 years, 8 months | ||
| Inline Hooking | U1211 F0015.002 | Process Manipulating | 4 years, 8 months | ||
| LOLbins | U1004 | Others | 4 years, 8 months | ||
| COM Hijacking | U1212 | Process Manipulating | 4 years, 8 months | ||
| Ctrl+Inject | U1213 | Process Manipulating | 4 years, 8 months | ||
| Propagate | U1214 | Process Manipulating | 4 years, 8 months | ||
| Process Doppelgänging | U1215 | Process Manipulating | 4 years, 8 months | ||
| PE Injection | U1216 E1055.002 | Process Manipulating | 4 years, 8 months | ||
| IAT Hooking | U1217 F0015.003 | Process Manipulating | 4 years, 8 months | ||
| Injection using Shims | U1218 E1055.m03 | Process Manipulating | 4 years, 8 months | ||
| Extra Window Memory Injection | U1219 E1055.011 | Process Manipulating | 4 years, 8 months | ||
| Atom Bombing | U1220 | Process Manipulating | 4 years, 8 months | ||
| APC injection | U1221 E1055.004 | Process Manipulating | 4 years, 8 months |