Registry Hide Function from User (5a93eb65-dffa-4543-b761-94aa60098fb6)
Detects registry modifications that hide internal tools or functions from the user (malware like Agent Tesla, Hermetic Wiper uses this technique)
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Registry Hide Function from User (5a93eb65-dffa-4543-b761-94aa60098fb6) | Sigma-Rules | Modify Registry - T1112 (57340c81-c025-4189-8fa0-fc7ede51bae4) | Attack Pattern | 1 |