Can open EDR detect the malicious use (execution) of Living of the Land Binaries (LOLBINS) by default

Can open EDR detect the malicious use (execution) of Living of the Land Binaries (LOLBINS) by default.
I mean is open EDR it also trained on ML and behaviour based detection of malicious use of LOLBINS by default. I want EDR to detect the malicious use Living of the Land Binaries. Will it detect malicious use of LOLBINS by default after installing it or i need to explicitly create rules for that?

hi @Jahanzaib , of course, if you use the OpenEDR in the Xcitium cloud, it’s all there plus more…