hasherezade/test.reg

Last active December 31, 2023 19:26

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/hasherezade/e3b5682fee27500c5dabf5343f447de3.js"></script>
Save hasherezade/e3b5682fee27500c5dabf5343f447de3 to your computer and use it in GitHub Desktop.

Download ZIP

Demo: persistence key not visible for sysinternals autoruns (in a default configuration - read more: https://twitter.com/hasherezade/status/849756054145699840)

Raw

	Windows Registry Editor Version 5.00

	[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
	@="Rundll32.exe SHELL32.DLL,ShellExec_RunDLL \"C:\\ProgramData\\test.exe\""

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment