Technique List

| Technique Name | Technique IDs | Categories | Has Snippet(s) | Has Rule(s) | Creation Date |
|---|---|---|---|---|---|
| Stolen certificate | U0503 | Antivirus/EDR Evasion | | | 4 years |
| Redirect Antivirus Website | U0504 | Antivirus/EDR Evasion | | | 4 years |
| Time Bomb | U1005, B0007.008 | Others, Sandbox Evasion | | | 4 years |
| Shortcut Hiding | U0505 | Antivirus/EDR Evasion | | | 4 years |
| Geofencing | U1006 | Others | | | 4 years |
| Custom Encoding | U0702, E1027.m03 | Data Obfuscation | | | 4 years |
| Cryptography | U0703, E1027.m04 | Data Obfuscation | | | 4 years |
| ROL | U0704 | Data Obfuscation | | | 4 years |
| Caesar Cipher | U0705 | Data Obfuscation | | | 4 years |
| Base64 | U0706, E1027.m02 | Data Obfuscation | | | 4 years |
| XOR Operation | U0701, E1027.m02 | Data Obfuscation | | | 4 years |
| Fileless Mechanisms | U1205, B0027.001 | Process Manipulating | | | 4 years |
| DLL Injection via CreateRemoteThread and LoadLibrary | U1226, E1055.001 | Process Manipulating | | | 4 years |
| Hook Injection | U1227, E1055.m01 | Process Manipulating | | | 4 years |
| Entry Point Modification | U1228 | Process Manipulating | | | 4 years |
| Parent Process Detection | U0404 | Anti-Monitoring | | | 4 years |
| Process Camouflage, Masquerading | U1230, F0005 | Process Manipulating | | | 4 years |
| Process Hollowing, RunPE | U1225, E1055.012 | Process Manipulating | | | 4 years |
| Disassembly Desynchronization | U0207 | Anti-Disassembly | | | 4 years |
| Dynamically Computed Target Address | U0208 | Anti-Disassembly | | | 4 years |
| Opcode Obfuscation | U0209 | Anti-Disassembly | | | 4 years |
| Jump With Same Target | U0210 | Anti-Disassembly | | | 4 years |
| Impossible Disassembly | U0211 | Anti-Disassembly | | | 4 years |
| Obscuring Control Flow | U0212 | Anti-Disassembly | | | 4 years |
| Abusing the Return Pointer | U0213 | Anti-Disassembly | | | 4 years |
| Obscuring Control Flow Using Pointers | U0214 | Anti-Disassembly | | | 4 years |
| Spaghetti, Junk Code | U0215 | Anti-Disassembly | | | 4 years |
| Control Flow Graph Flattening | U0216 | Anti-Disassembly | | | 4 years |
| API Obfuscation | U0217, B0032.001 | Anti-Disassembly | | | 4 years |
| INT3 Instruction Scanning | U0105, B0001.025 | Anti-Debugging | | | 4 years |