Windows Filtering Platform: Persistent state under the hood
Tags
attack-pattern: Data
Common Information
Type Value
UUID c3ceea2c-da95-4049-a650-0b8d9498d123
Fingerprint af13ea5268188476
Analysis status DONE
Considered CTI value 0
Text language
Published March 4, 2016, midnight
Added to db Jan. 18, 2023, 8:42 p.m.
Last updated Dec. 20, 2024, 1:38 p.m.
Headline Windows Filtering Platform: Persistent state under the hood
Title Windows Filtering Platform: Persistent state under the hood
Detected Hints/Tags/Attributes 34/1/15
Attributes
Type #Events CTI Value
Domain 217 msdn.microsoft.com
Domain 1 www2.opengroup.org
Domain 3 pubs.opengroup.org
File 3 bfe.dll
File 8 netio.sys
File 1 toc.pdf
File 1 cc243560.aspx
File 8 firewallapi.dll
Url 1 http://msdn.microsoft.com/en-us/library/windows/desktop/aa366509(v=vs.85).aspx
Url 1 https://www2.opengroup.org/ogsys/catalog/c706
Url 1 http://pubs.opengroup.org/onlinepubs/009629399/toc.pdf
Url 1 http://msdn.microsoft.com/en-us/library/cc243560.aspx
Url 1 http://msdn.microsoft.com/en-us/library/windows/desktop/aa378635(v=vs.85).aspx
Windows Registry Key 1 HKLM\SYSTEM\ControlSet001\Services\BFE\Parameters\Policy\BootTime
Windows Registry Key 1 HKLM\SYSTEM\ControlSet001\Services\BFE\Parameters\Policy\Persistent