ATT&CK 기법 · Discovery
Query Registry T1012
이 기법을 다룬 REVELARE 한국어 위협 분석 1편 · Discovery
이 기법을 다룬 분석
MITRE 공식 정의
Adversaries may interact with the Windows Registry to gather information about the system, configuration, and installed software. The Registry contains a significant amount of information about the operating system, configuration, software, and security.(Citation: Wikipedia Windows Registry) Information can easily be queried using the [Reg](https://attack.mitre.org/software/S0075) utility, though other means to access the Registry exist. Some of the information may help adve…
플랫폼: Windows