Technique List

Technique Name Technique ID's Categories Has Snippet(s) Has Rules(s) Creation Date
NOP Sled U0206 Anti-Disassembly 5 years, 1 month
Inline Hooking U1211 F0015.002 Process Manipulating 5 years, 1 month
LOLbins U1004 Others 5 years, 1 month
COM Hijacking U1212 Process Manipulating 5 years, 1 month
Ctrl+Inject U1213 Process Manipulating 5 years, 1 month
Propagate U1214 Process Manipulating 5 years, 1 month
Process Doppelgänging U1215 Process Manipulating 5 years, 1 month
PE Injection U1216 E1055.002 Process Manipulating 5 years, 1 month
IAT Hooking U1217 F0015.003 Process Manipulating 5 years, 1 month
Injection using Shims U1218 E1055.m03 Process Manipulating 5 years, 1 month
Extra Window Memory Injection U1219 E1055.011 Process Manipulating 5 years, 1 month
Atom Bombing U1220 Process Manipulating 5 years, 1 month
APC injection U1221 E1055.004 Process Manipulating 5 years, 1 month
Image File Execution Options Injection U1222 Process Manipulating 5 years, 1 month
Thread Execution Hijacking U1223 E1055.003 Process Manipulating 5 years, 1 month
Reflective DLL injection U1224 Process Manipulating 5 years, 1 month
SuspendThread U0101 C0055 Anti-Debugging 5 years, 1 month
Guard Pages U0102 B0006.006 Anti-Debugging 5 years, 1 month
NtSetDebugFilterState U0103 Anti-Debugging 5 years, 1 month
Code Cave U0502 Antivirus/EDR Evasion 5 years, 1 month
Stolen certificate U0503 Antivirus/EDR Evasion 5 years, 1 month
Redirect Antivirus Website U0504 Antivirus/EDR Evasion 5 years, 1 month
Time Bomb U1005 B0007.008 Sandbox Evasion, Others 5 years, 1 month
Shortcut Hiding U0505 Antivirus/EDR Evasion 5 years, 1 month
Geofencing U1006 Others 5 years, 1 month
Custom Encoding U0702 E1027.m03 Data Obfuscation 5 years, 1 month
Cryptography U0703 E1027.m04 Data Obfuscation 5 years, 1 month
ROL U0704 Data Obfuscation 5 years, 1 month
Caesar Cipher U0705 Data Obfuscation 5 years, 1 month
Base64 U0706 E1027.m02 Data Obfuscation 5 years, 1 month
Filter
Clear