Detection Rule List

| Rule Name | Rule Type | Technique Count | Creation Date |
|---|---|---|---|
| UPX Packer | YARA | 1 | 3 years, 1 month |
| Detect Confuser | CAPA | 1 | 3 years, 1 month |
| CAPA_Detect_vmprotect | CAPA | 1 | 3 years, 1 month |
| CAPA_Detect_Petite | CAPA | 1 | 3 years, 1 month |
| CAPA_Detect_Themida | CAPA | 1 | 3 years, 1 month |
| CAPA_Detect_PeCompact | CAPA | 1 | 3 years, 1 month |
| CAPA_Detect_NSpack | CAPA | 1 | 3 years, 1 month |
| ASPack Packer Detection | CAPA | 1 | 3 years, 1 month |
| UPX Packer Detection | CAPA | 1 | 3 years, 1 month |
| CAPA_Detect_QEMU | CAPA | 0 | 3 years, 1 month |
| Check Sandbox Process | CAPA | 1 | 3 years, 1 month |
| Detect File Melt | CAPA | 1 | 3 years, 1 month |
| CAPA_Detect_Timestomp | CAPA | 1 | 3 years, 1 month |
| CAPA_FileVersion_Impersonation | CAPA | 1 | 3 years, 1 month |
| CAPA_check_PPID | CAPA | 1 | 3 years, 1 month |
| Check ICEBP | CAPA | 1 | 3 years, 1 month |
| CAPA_NtQueryInformation | CAPA | 1 | 3 years, 1 month |
| CAPA_Trap_Flag | CAPA | 1 | 3 years, 1 month |
| CAPA_Software_Breakpoint | CAPA | 1 | 3 years, 1 month |
| YARA_Detect_EventLogTampering | YARA | 1 | 3 years, 1 month |
| YARA_Detect_FindWindow | YARA | 1 | 3 years, 1 month |
| YARA_Detect_LocalSize | YARA | 1 | 3 years, 1 month |
| YARA_Detect_RDTSC | YARA | 1 | 3 years, 1 month |
| YARA_Detect_NtQueryInformationProcess | YARA | 1 | 3 years, 1 month |
| YARA_Detect_NtSetInformationThread | YARA | 1 | 3 years, 1 month |
| YARA_Detect_NtQueryObject | YARA | 1 | 3 years, 1 month |
| Yara_Detect_OutputDebugString | YARA | 1 | 3 years, 1 month |
| YARA_Detect_EventPairHandles | YARA | 1 | 3 years, 1 month |
| YARA_Detect_CsrGetProcessID | YARA | 1 | 3 years, 1 month |
| YARA_Detect_CloseHandle | YARA | 1 | 3 years, 1 month |
