Hi to all,
I`m working on a malware & and found the malware modifies these registries:
I searched but I could not find what is the job of these registries.
I`m working on a malware & and found the malware modifies these registries:
Code:
HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed: ED C3 98 A0 14 DD 23 15 10 39 EE 58 68 2E 8B 59 C1 7D E9 83 B0 0F E5 F4 7B D3 7A B5 D9 43 27 EC 98 35 3A 72 95 6C BD D8 4D 2E 68 F0 7F 66 BF F9 7A CE 88 5B CD 34 D2 CA C1 FA 15 51 A7 9E 91 C8 AF 6D 5E 20 6D A9 E2 F7 83 A6 80 F9 85 B2 00 B3
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher\TracesProcessed: 0x00000086
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher\TracesSuccessful: 0x00000084
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher\LastTraceFailure: 0x00000004
I searched but I could not find what is the job of these registries.