Potential Persistence Via Outlook Home Page (ddd171b5-2cc6-4975-9e78-f0eccd08cc76)
Detects potential persistence activity via outlook home page. An attacker can set a home page to achieve code execution and persistence by editing the WebView registry keys.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Modify Registry - T1112 (57340c81-c025-4189-8fa0-fc7ede51bae4) | Attack Pattern | Potential Persistence Via Outlook Home Page (ddd171b5-2cc6-4975-9e78-f0eccd08cc76) | Sigma-Rules | 1 |