Registry Modification Via Regini.EXE (5f60740a-f57b-4e76-82a1-15b6ff2cb134)
Detects the execution of regini.exe which can be used to modify registry keys, the changes are imported from one or more text files.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Registry Modification Via Regini.EXE (5f60740a-f57b-4e76-82a1-15b6ff2cb134) | Sigma-Rules | Modify Registry - T1112 (57340c81-c025-4189-8fa0-fc7ede51bae4) | Attack Pattern | 1 |