New BgInfo.EXE Custom WMI Query Registry Configuration (cd277474-5c52-4423-a52b-ac2d7969902f)
Detects the setting of a new registry value related to BgInfo configuration, which can be abused to execute a custom WMI query via "BgInfo.exe".
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
New BgInfo.EXE Custom WMI Query Registry Configuration (cd277474-5c52-4423-a52b-ac2d7969902f) | Sigma-Rules | Modify Registry - T1112 (57340c81-c025-4189-8fa0-fc7ede51bae4) | Attack Pattern | 1 |