Technique List
Technique Name | Technique IDs | Categories | Has Snippet(s) | Has Rule(s) | Creation Date |
---|---|---|---|---|---|
Runtime Function Decryption | U0523 | Antivirus/EDR Evasion | | | 1 month, 3 weeks |
BlockInput | U1011 | Others | | | 1 month, 3 weeks |
Retrieve HDD Information | U1343 | Sandbox Evasion | | | 1 month, 3 weeks |
BuildCommDCBAndTimeoutA | U1342, T1497.002 | Sandbox Evasion | | | 1 month, 3 weeks |
LimeCrypter | U1436 | Packers | | | 3 months, 4 weeks |
PyArmor | U1435 | Packers | | | 3 months, 4 weeks |
NixImports | U1434 | Packers | | | 4 months |
PowerShell Special Characters Obfuscation | U0709 | Data Obfuscation | | | 4 months |
PureCrypter | U1433 | Packers | | | 4 months |
TrueCrypt | U1432 | Packers | | | 4 months, 1 week |
EasyCrypter | U1431 | Packers | | | 4 months, 1 week |
FuncIn | U0132, U0221, U0308 | Antivirus/EDR Evasion, Anti-Debugging, Anti-Disassembly, Anti-Forensic | | | 5 months |
Process Argument Spoofing | U1243 | Process Manipulating | | | 5 months |
SMB / Named Pipes | U9011 | Network Evasion | | | 8 months, 2 weeks |
Right-to-Left Override (RLO) Extension Spoofing | U1010 | Others | | | 9 months, 1 week |
DLL Unhooking | U0522 | Antivirus/EDR Evasion | | | 10 months, 1 week |
Shikata Ga Nai (SGN) | U0708 | Data Obfuscation | | | 10 months, 1 week |
C2 via FTP(S) | U0910 | Network Evasion | | | 11 months |
Evasion using direct Syscalls | U0521 | Antivirus/EDR Evasion | | | 11 months, 3 weeks |
Hell's Gate | U0520 | Antivirus/EDR Evasion | | | 1 year, 1 month |
XSL Script Processing | T1220 | Defense Evasion [Mitre] | | | 1 year, 1 month |
Virtualization/Sandbox Evasion: Time Based Evasion | T1497.003 | Defense Evasion [Mitre] | | | 1 year, 1 month |
Virtualization/Sandbox Evasion: User Activity Based Checks | T1497.002 | Defense Evasion [Mitre] | | | 1 year, 1 month |
Virtualization/Sandbox Evasion: System Checks | T1497.001 | Defense Evasion [Mitre] | | | 1 year, 1 month |
Valid Accounts: Local Accounts | T1078.003 | Defense Evasion [Mitre] | | | 1 year, 1 month |
Valid Accounts: Domain Accounts | T1078.002 | Defense Evasion [Mitre] | | | 1 year, 1 month |
Valid Accounts: Default Accounts | T1078.001 | Defense Evasion [Mitre] | | | 1 year, 1 month |
ScrubCrypt | U1430 | Packers | | | 1 year, 1 month |
Constant Blinding | U0707 | Data Obfuscation | | | 1 year, 1 month |
Unloading Module with FreeLibrary | U0519 | Antivirus/EDR Evasion | | | 1 year, 1 month |