Issac Briones (1d8) Profile - Unprotect Project

Technique Name	Technique ID's	Snippet(s)	Rules(s)	OS
WMI Event Subscriptions	U1353
XBEL Recently Opened Files Check	U1352
Default Windows Wallpaper Check	U1351
Event Triggered Execution: Linux Inotify	U1245 T1546
Replication Through Removable Media	U1012 T1091
Impair Defenses: Impair Command History Logging	T1562.003
AppInit DLL Injection	U1244 T1546

Technique	Language	Creation Date
WMI Event Subscriptions	PowerShell	2 months, 2 weeks
XBEL Recently Opened Files Check	Python	5 months, 2 weeks
Virtualization/Sandbox Evasion: User Activity Based Checks	Python	6 months, 2 weeks
Default Windows Wallpaper Check	Golang	6 months, 2 weeks
Event Triggered Execution: Linux Inotify	Python	7 months
Replication Through Removable Media	Python	8 months
AppInit DLL Injection	C	10 months
Hide Artifacts: Hidden Window	C	10 months