ETW Logging Disabled For SCM (4f281b83-0200-4b34-bf35-d24687ea57c2)

Detects changes to the "TracingDisabled" key in order to disable ETW logging for services.exe (SCM)

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Modify Registry - T1112 (57340c81-c025-4189-8fa0-fc7ede51bae4) | Attack Pattern | ETW Logging Disabled For SCM (4f281b83-0200-4b34-bf35-d24687ea57c2) | Sigma-Rules | 1 |
| Disable or Modify Tools - T1685 (bbde9781-60aa-4b8a-a911-895b0c1b3872) | Attack Pattern | ETW Logging Disabled For SCM (4f281b83-0200-4b34-bf35-d24687ea57c2) | Sigma-Rules | 1 |