Disable Windows Explorer file associations for Disc Image Mount (ISO, IMG, VHD, VHDX)
Tags
| attack-pattern: | Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | db6bcc89-5df9-4989-90b0-ea7de261cb8d |
| Fingerprint | b13c951f0d01364d |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Sept. 2, 2022, midnight |
| Added to db | Sept. 26, 2022, 9:31 a.m. |
| Last updated | Dec. 9, 2024, 5:45 p.m. |
| Headline | wdormann/disable_discimage.reg |
| Title | Disable Windows Explorer file associations for Disc Image Mount (ISO, IMG, VHD, VHDX) |
| Detected Hints/Tags/Attributes | 10/1/11 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://gist.github.com/wdormann/fca29e0dcda8b5c0472e73e10c78c3e7 |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | File | 1 | disable_discimage.reg |
|
| Details | File | 6 | windows.iso |
|
| Details | Windows Registry Key | 1 | HKEY_CLASSES_ROOT\.iso |
|
| Details | Windows Registry Key | 1 | HKEY_CLASSES_ROOT\Windows.IsoFile\shell\mount\command |
|
| Details | Windows Registry Key | 1 | HKEY_CLASSES_ROOT\.img |
|
| Details | Windows Registry Key | 1 | HKEY_CLASSES_ROOT\.vhdx |
|
| Details | Windows Registry Key | 1 | HKEY_CLASSES_ROOT\.vhd |
|
| Details | Windows Registry Key | 1 | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.img |
|
| Details | Windows Registry Key | 1 | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iso |
|
| Details | Windows Registry Key | 1 | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vhd |
|
| Details | Windows Registry Key | 1 | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vhdx |