All pages
- Duplicate Rows for Yaron
- Screen Resolution Testing
- Discovery
- Effects
- Self Debugging
- & Obfuscated Files or Information
- + analysis tool discovery
- Timing/Up-time Check
- Timing/Date Checks
- c2 communication
- Lateral Movement
- Anti-Static Analysis
- Execution
- Collection
- & Software Packing
- Exfiltration
- & Rootkit
- Persistence
- Command and Control
- Credential Access
- Privilege Escalation
- + private api exploitation (Mobile)
- & Hooking
- + surreptitious application installation
- Monitoring thread
- debugger obstruction
- Interrupt Hooking
- Anti-Behavioral Analysis
- sandbox prevention
- Defense Evasion
- + malicious network driver
- + windows shutdown event
- illusionary issues
- polymorphic code
- & Component Firmware
- api hooking
- code optimization
- resource compression
- virtualized code
- embedded file hooking
- exploitation for analysis evasion
- Product Key/ID Testing
- Injected DLL Testing
- Guest Process Testing
- HTML5 Performance Object
- Named System Object Checks
- CryptoAPI
- Process Environment Block (PEB)
- API Call: IsDebuggerPresent
- Control Graph Flattening
- & Encrypt Files for Ransom (mobile)
- + send email
- + manipulate network traffic
- + compromise data integrity
- suicide exit
- + install secondary program
- delete SMS warning messages
- & Disabling Security Tools
- memory dump obstruction
- + SMTP connection discovery
- & Lock User Out of Device (mobile)
- + hijack system resources
- & Generate Fraudulent Advertising Revenue (mobile)
- & Wipe Device Data (mobile)
- + destroy hardware
- hide kernel modules
- secondary CPU execution
- & Bootkit
- flow-oriented disassembler prevention
- call graph prevention
- linear disassembler prevention
- debugger prevention
- capture keyboard input
- sandbox detect & evade
- sandbox obstruction
- virtual machine detect & evade
- domain name generation
- debugger detect & evade
- symbolic obfuscation
- interleaving code
- dead code insertion
- entry point obfuscation
- code encryption
- code compression
- import address table obfuscation
- prevent concurrent execution
- emulator detect & evade
- Timing/Delay Checks
- Timing/Date Checks
- emulator prevention
- Undocumented Opcodes
- Guard Pages
- Instruction Overlap
- Debugger Artifacts
- Extended/Different Instruction Sets
- Unusual/Undocumented API Calls
- Extra Loops/Time Locks