Potential Defense Evasion Via Right-to-Left Override (ad691d92-15f2-4181-9aa4-723c74f9ddc3)

Detects the presence of the "u202+E" character, which causes a terminal, browser, or operating system to render text in a right-to-left sequence. This is used as an obfuscation and masquerading techniques.

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Right-to-Left Override - T1036.002 (77eae145-55db-4519-8ae5-77b0c7215d69)	Attack Pattern	Potential Defense Evasion Via Right-to-Left Override (ad691d92-15f2-4181-9aa4-723c74f9ddc3)	Sigma-Rules	1
Right-to-Left Override - T1036.002 (77eae145-55db-4519-8ae5-77b0c7215d69)	Attack Pattern	Masquerading - T1036 (42e8de7b-37b2-4258-905a-6897815e58e0)	Attack Pattern	2