System Information Discovery via Registry Queries (0022869c-49f7-4ff2-ba03-85ac42ddac58)
Detects attempts to query system information directly from the Windows Registry.
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
System Information Discovery via Registry Queries (0022869c-49f7-4ff2-ba03-85ac42ddac58) | Sigma-Rules | System Information Discovery - T1082 (354a7f88-63fb-41b5-a801-ce3b377b36f1) | Attack Pattern | 1 |