Technique List
| Technique Name | Technique ID's | Categories | Has Snippet(s) | Has Rules(s) | Creation Date |
|---|---|---|---|---|---|
| Image File Execution Options Injection | U1222 | Process Manipulating | 4 years, 6 months | ||
| Thread Execution Hijacking | U1223 E1055.003 | Process Manipulating | 4 years, 6 months | ||
| Reflective DLL injection | U1224 | Process Manipulating | 4 years, 6 months | ||
| SuspendThread | U0101 C0055 | Anti-Debugging | 4 years, 6 months | ||
| Guard Pages | U0102 B0006.006 | Anti-Debugging | 4 years, 6 months | ||
| NtSetDebugFilterState | U0103 | Anti-Debugging | 4 years, 6 months | ||
| Code Cave | U0502 | Antivirus/EDR Evasion | 4 years, 6 months | ||
| Stolen certificate | U0503 | Antivirus/EDR Evasion | 4 years, 6 months | ||
| Redirect Antivirus Website | U0504 | Antivirus/EDR Evasion | 4 years, 6 months | ||
| Time Bomb | U1005 B0007.008 | Others, Sandbox Evasion | 4 years, 6 months | ||
| Shortcut Hiding | U0505 | Antivirus/EDR Evasion | 4 years, 6 months | ||
| Geofencing | U1006 | Others | 4 years, 6 months | ||
| Custom Encoding | U0702 E1027.m03 | Data Obfuscation | 4 years, 6 months | ||
| Cryptography | U0703 E1027.m04 | Data Obfuscation | 4 years, 6 months | ||
| ROL | U0704 | Data Obfuscation | 4 years, 6 months | ||
| Caesar Cipher | U0705 | Data Obfuscation | 4 years, 6 months | ||
| Base64 | U0706 E1027.m02 | Data Obfuscation | 4 years, 6 months | ||
| XOR Operation | U0701 E1027.m02 | Data Obfuscation | 4 years, 6 months | ||
| FIleless Mechanisms | U1205 B0027.001 | Process Manipulating | 4 years, 6 months | ||
| DLL Injection via CreateRemoteThread and LoadLibrary | U1226 E1055.001 | Process Manipulating | 4 years, 6 months | ||
| Hook Injection | U1227 E1055.m01 | Process Manipulating | 4 years, 6 months | ||
| Entry Point Modification | U1228 | Process Manipulating | 4 years, 6 months | ||
| Parent Process Detection | U0404 | Anti-Monitoring | 4 years, 6 months | ||
| Process Camouflage, Masquerading | U1230 F0005 | Process Manipulating | 4 years, 6 months | ||
| Process Hollowing, RunPE | U1225 E1055.012 | Process Manipulating | 4 years, 6 months | ||
| Disassembly Desynchronization | U0207 | Anti-Disassembly | 4 years, 6 months | ||
| Dynamically Computed Target Address | U0208 | Anti-Disassembly | 4 years, 6 months | ||
| Opcode Obfuscation | U0209 | Anti-Disassembly | 4 years, 6 months | ||
| Jump With Same Target | U0210 | Anti-Disassembly | 4 years, 6 months | ||
| Impossible Disassembly | U0211 | Anti-Disassembly | 4 years, 6 months |