Potential Qakbot Registry Activity (1c8e96cd-2bed-487d-9de0-b46c90cade56)
Detects a registry key used by IceID in a campaign that distributes malicious OneNote files
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Potential Qakbot Registry Activity (1c8e96cd-2bed-487d-9de0-b46c90cade56) | Sigma-Rules | Modify Registry - T1112 (57340c81-c025-4189-8fa0-fc7ede51bae4) | Attack Pattern | 1 |