Tag

Attack.t1547.001

2 briefs RSS

Windows Registry Classes Autorun Keys Modification for Persistence

Adversaries modify Windows Registry Classes keys to establish persistence by executing malicious code when specific file types are opened or actions are performed, potentially leading to privilege escalation and persistent access.

Windows attack.privilege-escalation attack.persistence attack.t1547.001

3r 1t Jan 28, 2024

medium advisory

Office Application Autorun Registry Key Modification

2 rules 1 TTP

Adversaries modify Office application autostart extensibility point (ASEP) registry keys to achieve persistence and execute malicious code when Office applications are launched.

Microsoft Office attack.privilege-escalation attack.persistence attack.t1547.001

2r 1t Jan 3, 2024