From ema
Jump to navigation Jump to search
Attribute Category: Common
Name: technique
Description: The `technique' value refers to techniques that are used in an instance of a behavior.
Type: Enumerable List
Enumerable Values: api call checking, bios manipulation, direct kernel object manipulation, dll search path hijacking, file system manipulation, firmware manipulation, inline/iat/eat hooking, irp filtering, periodic check/recreation, windows registry manipulation, windows service manipulation

file system manipulation

windows registry manipulation
windows service manipulation
direct kernel object manipulation
bios manipulation
firmware manipulation
periodic check/recreation
irp filtering
inline/iat/eat hooking
api call checking
dll search path hijacking