New BgInfo.EXE Custom DB Path Registry Configuration (53330955-dc52-487f-a3a2-da24dcff99b5)
Detects setting of a new registry database value related to BgInfo configuration. Attackers can for example set this value to save the results of the commands executed by BgInfo in order to exfiltrate information.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Modify Registry - T1112 (57340c81-c025-4189-8fa0-fc7ede51bae4) | Attack Pattern | New BgInfo.EXE Custom DB Path Registry Configuration (53330955-dc52-487f-a3a2-da24dcff99b5) | Sigma-Rules | 1 |