From ema
Revision as of 18:07, 7 July 2017 by Cicalese (talk | contribs) (Text replacement - "|Experimental=No " to "")
Attribute Category: Common
Name: technique
Description: The 'technique' value refers to techniques that are used in an instance of a behavior.
Type: Enumerable List
Enumerable Values: api call checking, bios manipulation, direct kernel object manipulation, dll search path hijacking, file system manipulation, firmware manipulation, inline/iat/eat hooking, irp filtering, periodic check/recreation, windows registry manipulation, windows service manipulation

file system manipulation
windows registry manipulation
windows service manipulation
direct kernel object manipulation
bios manipulation
firmware manipulation
periodic check/recreation
irp filtering
inline/iat/eat hooking
api call checking
dll search path hijacking