Technique List
| Technique Name | Technique IDs | Categories | Snippet(s) | Rule(s) | OS | Creation Date |
|---|---|---|---|---|---|---|
| UPX: Ultimate Packer for Executables | U1402 F0001.008 | Packers | | | | 3 years, 4 months |
| Unloading Sysmon Driver | U0407 | Anti-Monitoring | | | | 3 years, 4 months |
| Shellcode Injection via CreateThreadpoolWait | U1236 | Process Manipulating | | | | 3 years, 4 months |
| Thwarting Stack-Frame Analysis | U0219 | Anti-Disassembly | | | | 3 years, 4 months |
| Misusing Structured Exception Handlers | U0218 B0032.016 | Anti-Disassembly | | | | 3 years, 4 months |
| ProcEnvInjection - Remote code injection by abusing process environment strings | U1235 | Process Manipulating | | | | 3 years, 4 months |
| Disabling Event Tracing for Windows (ETW) | U0306 | Anti-Forensic | | | | 3 years, 6 months |
| Anti-UPX Unpacking | U1008 | Others | | | | 3 years, 7 months |
| Volume Shadow Copy Service (VSC,VSS) Deletion | U0305 T1070.004 | Anti-Forensic, Defense Evasion [Mitre] | | | | 3 years, 8 months |
| User Interaction (Are you human?) | U1339 E1204 | Sandbox Evasion | | | | 4 years, 3 months |
| Access Token Manipulation: Parent PID Spoofing | U1234 T1134.004 | Process Manipulating, Defense Evasion [Mitre] | | | | 4 years, 3 months |
| Killing Windows Event Log | U0304 | Anti-Forensic | | | | 4 years, 3 months |
| Process Ghosting | U1232 | Process Manipulating | | | | 4 years, 4 months |
| Process Herpaderping | U1231 | Process Manipulating | | | | 4 years, 4 months |
| LocalSize(0) | U0128 | Anti-Debugging | | | | 4 years, 6 months |
| Detecting Online Sandbox | U1338 | Sandbox Evasion | | | | 4 years, 7 months |
| File Melt | U1007 | Others | | | | 4 years, 8 months |
| Execution Guardrails: Environmental Keying | T1480.001 | Defense Evasion [Mitre] | | | | 4 years, 11 months |
| Indicator Removal: Timestomp | U0303 T1070.006 | Anti-Forensic, Defense Evasion [Mitre] | | | | 4 years, 11 months |
| Debug Registers, Hardware Breakpoints | U0127 B0001.005 | Anti-Debugging | | | | 4 years, 11 months |
| Anti Yara Rules | U1001 | Others | | | | 4 years, 11 months |
| Breaking BaDDEr | U1201 | Process Manipulating | | | | 5 years |
| DNS API Injection | U1202 | Process Manipulating | | | | 5 years |
| CLIPBRDWNDCLASS | U1203 | Process Manipulating | | | | 5 years |
| WordWarping | U1204 | Process Manipulating | | | | 5 years |
| EditWordBreakProc | U1229 | Process Manipulating | | | | 5 years |
| OLEUM | U1206 | Process Manipulating | | | | 5 years |
| Listplanting | U1207 | Process Manipulating | | | | 5 years |
| Treepoline | U1208 | Process Manipulating | | | | 5 years |
| ConsoleWindowClass | U1209 | Process Manipulating | | | | 5 years |