Skip to content

Hide Navigation Hide TOC

Displaying Hidden Files Feature Disabled (5a5152f1-463f-436b-b2f5-8eceb3964b42)

Detects modifications to the "Hidden" and "ShowSuperHidden" explorer registry values in order to disable showing of hidden files and system files. This technique is abused by several malware families to hide their files from normal users.

Cluster A Galaxy A Cluster B Galaxy B Level
Hidden Files and Directories - T1564.001 (ec8fc7e2-b356-455c-8db5-2e37be158e7d) Attack Pattern Displaying Hidden Files Feature Disabled (5a5152f1-463f-436b-b2f5-8eceb3964b42) Sigma-Rules 1
Hidden Files and Directories - T1564.001 (ec8fc7e2-b356-455c-8db5-2e37be158e7d) Attack Pattern Hide Artifacts - T1564 (22905430-4901-4c2a-84f6-98243cb173f8) Attack Pattern 2