Rule Info
Name
Registry Modifications to Change Default Programs Handling Files
Author
X__Junior
Description
Detects change to the default program handling file extension, which could be used by threat actors to run there malware when a certain extension is opened.
Reference
Internal Research
Date
2024-10-28 00:00:00
Modified
None
Id
27e754cd-fdd2-4264-95e8-fa626133cc5c
Tags
attack.defense-evasion attack.t1112
Type
Nextron Sigma feed only (private)