The Registry Hunter :: Velociraptor - Digging deeper!
Tags
| attack-pattern: | Data Direct Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | 3f99603d-3fdb-4990-9679-7a9df23e8f8d |
| Fingerprint | 7edf1022e1a7624d |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | April 12, 2024, midnight |
| Added to db | Aug. 31, 2024, 2:04 a.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | The Registry Hunter |
| Title | The Registry Hunter :: Velociraptor - Digging deeper! |
| Detected Hints/Tags/Attributes | 30/1/10 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://docs.velociraptor.app/blog/2024/2024-04-12-registry-hunter/ |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 104 | ✔ | Velociraptor Blog | https://docs.velociraptor.app/blog/index.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4128 | github.com |
|
| Details | File | 11 | windows.reg |
|
| Details | File | 2 | istry.sys |
|
| Details | File | 193 | ntuser.dat |
|
| Details | File | 2 | c:\users\administrator\ntuser.dat |
|
| Details | File | 2 | import.reg |
|
| Details | Github username | 9 | velocidex |
|
| Details | Url | 1 | https://github.com/velocidex/registry_hunter |
|
| Details | Windows Registry Key | 1 | HKEY_USERS\Administrator\Software |
|
| Details | Windows Registry Key | 2 | HKEY_LOCAL_MACHINE\Security |