The Windows Registry Adventure #5: The regf file format
Common Information
Type Value
UUID 65e8b549-b4bb-4c02-b5e7-95ccfee59ee8
Fingerprint 765b401794a7e285
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 19, 2024, 11:03 a.m.
Added to db Dec. 21, 2024, 3:29 a.m.
Last updated Dec. 21, 2024, 4:22 a.m.
Headline Project Zero
Title The Windows Registry Adventure #5: The regf file format
Detected Hints/Tags/Attributes 86/1/40
Attributes
Details Type #Events CTI Value
Details CVE 4 cve-2022-37988
Details CVE 15 cve-2024-43452
Details CVE 14 cve-2023-35386
Details CVE 11 cve-2023-38154
Details CVE 4 cve-2022-38037
Details CVE 8 cve-2023-35357
Details CVE 8 cve-2023-35358
Details CVE 5 cve-2023-35633
Details CVE 1 cve-2015-0073
Details CVE 3 cve-2019-0881
Details CVE 1 cve-2024-26178
Details CVE 4 cve-2023-21748
Details CVE 6 cve-2023-23420
Details CVE 4 cve-2023-21747
Details CVE 5 cve-2022-37956
Details CVE 2 cve-2024-26182
Details CVE 3 cve-2022-34708
Details CVE 3 cve-2022-35768
Details CVE 4 cve-2022-34707
Details CVE 4 cve-2023-28248
Details CVE 10 cve-2023-35356
Details CVE 13 cve-2023-35382
Details CVE 2 cve-2023-38139
Details CVE 15 cve-2024-43641
Details CVE 1 cve-2024-26173
Details CVE 4 cve-2022-37991
Details CVE 1 cve-2024-26176
Details Domain 2 proto.hiv
Details File 139 ntoskrnl.exe
Details File 15 settings.dat
Details File 2 activationstore.dat
Details File 2 offreg.dll
Details File 15 activeds.dll
Details File 193 reg.exe
Details File 1 _cm_key_value.dat
Details Windows Registry Key 3 HKLM\HARDWARE
Details Windows Registry Key 1 HKLM\BCD00000000
Details Windows Registry Key 53 HKLM\Software\Microsoft\Windows
Details Windows Registry Key 18 HKLM\Software
Details Windows Registry Key 42 HKLM\System\CurrentControlSet\Control\Session