Technique List
| Technique Name | Technique ID's | Categories | Snippet(s) | Rules(s) | OS | Creation Date |
|---|---|---|---|---|---|---|
| OutputDebugString | U0117 B0001.016 | Anti-Debugging | 6 years, 1 month | |||
| NtQueryObject | U0118 B0001.013 | Anti-Debugging | 6 years, 1 month | |||
| NtSetInformationThread | U0119 B0001.014 | Anti-Debugging | 6 years, 1 month | |||
| NtQueryInformationProcess | U0120 B0001.012 | Anti-Debugging | 6 years, 1 month | |||
| CheckRemoteDebuggerPresent | U0121 B0001.002 | Anti-Debugging | 6 years, 1 month | |||
| IsDebuggerPresent | U0122 B0001.008 | Anti-Debugging | 6 years, 1 month | |||
| Fake Signature | U0506 | Antivirus/EDR Evasion | 6 years, 1 month | |||
| Adding antivirus exception | U0507 | Antivirus/EDR Evasion | 6 years, 1 month | |||
| Disabling Antivirus | U0508 F0004 | Antivirus/EDR Evasion | 6 years, 1 month | |||
| File Splitting | U0509 | Antivirus/EDR Evasion | 6 years, 1 month | |||
| Bypassing Static Heuristic | U0510 | Antivirus/EDR Evasion | 6 years, 1 month | |||
| File Format Confusion | U0511 | Antivirus/EDR Evasion | 6 years, 1 month | |||
| Big File | U0512 | Antivirus/EDR Evasion | 6 years, 1 month | |||
| Fingerprinting Emulator | U0513 | Antivirus/EDR Evasion | 6 years, 1 month | |||
| PE Format Manipulation | U0514 | Antivirus/EDR Evasion | 6 years, 1 month | |||
| Evading Specific Signature | U0515 | Antivirus/EDR Evasion | 6 years, 1 month | |||
| Evading Hash Signature | U0516 | Antivirus/EDR Evasion | 6 years, 1 month | |||
| Connected Printer | U1309 B0009.017 | Sandbox Evasion | 6 years, 1 month | |||
| Detecting USB Drive | U1310 B0009.016 | Sandbox Evasion | 6 years, 1 month | |||
| Detecting Hostname, Username | U1311 | Sandbox Evasion | 6 years, 1 month | |||
| Checking Hard Drive Size | U1312 B0009.015 | Sandbox Evasion | 6 years, 1 month | |||
| Checking Memory Size | U1313 B0009.014 | Sandbox Evasion | 6 years, 1 month | |||
| Checking Installed Software | U1314 | Sandbox Evasion | 6 years, 1 month | |||
| Checking Screen Resolution | U1315 B0007.006 | Sandbox Evasion | 6 years, 1 month | |||
| Checking Recent Office Files | U1316 B0007.003 | Sandbox Evasion | 6 years, 1 month | |||
| Checking Mouse Activity | U1317 B0007.003 | Sandbox Evasion | 6 years, 1 month | |||
| Stalling Code | U1318 B0003.003 | Sandbox Evasion | 6 years, 1 month | |||
| Onset Delay | U1320 | Sandbox Evasion | 6 years, 1 month | |||
| VPCEXT | U1321 B0009.038 | Sandbox Evasion | 6 years, 1 month | |||
| VMCPUID | U1322 B0009.037 | Sandbox Evasion | 6 years, 1 month |