all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Windows Defender detects shellcode in Registry hive

Add to bookmarks
April 5, 2022, 1:33 p.m. | /u/visitedspace

cybersecurity www.reddit.com

I've been analyzing a Virus Alert from Windows Defender, and my investigation thus far has lead me to "probably a false positive".

According to Defender, it found shellcode inside the Windows registry hive at C:\\Windows\\System32\\config\\SOFTWARE.

Malware Name: Exploit:Win32/ShellCode.gen!J

Defender classifies this as "Severe".

I'm not a shellcode or RE expert, but what would be the use of a bad actor "hiding" shellcode in this registry file? My limited understanding of how shellcode works is it requires an execution environment. Shellcode …

cybersecurity defender hive registry shellcode windows windows defender

Visit resource

More from www.reddit.com / cybersecurity

Why haven’t we seen Financial Loss at Bank Levels? 2 hours ago | www.reddit.com
access addresses bank banks +16
THM vs HTB vs HTB Academy for a computer science graduate 9 hours ago | www.reddit.com
academy beginner computer computer science +14
Nations Require Licensure of Cybersecurity Pros 9 hours ago | www.reddit.com
cybersecurity
Has anyone experienced any incident involving a malicious USB drop? 9 hours ago | www.reddit.com
cybersecurity device drive employee +9
What do you use to document your personal projects? 11 hours ago | www.reddit.com
code cyber cybersecurity document +9
In the era of hostile hardware/firmware, is endpoint cybersecurity/cryptography still possible? 13 hours ago | www.reddit.com
aes can challenge cipher +14
Should Aspiring Cybersecurity Professionals Join the Industry Right Now? Yes or No - Who's Right? 13 hours ago | www.reddit.com
advice bureau cybersecurity cybersecurity professionals +11
What are your go-to cybersecurity frameworks and why? 18 hours ago | www.reddit.com
can context cybersecurity cybersecurity frameworks +14
MITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti Bugs 19 hours ago | www.reddit.com
att bugs cybersecurity infosec +3

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Engineering Professional

@ Nokia | India
View on infosec-jobs.com

Cyber Intelligence Exercise Planner

@ Peraton | Fort Gordon, GA, United States
View on infosec-jobs.com

Technical Lead, HR Systems Security

@ Sun Life | Sun Life Wellesley
View on infosec-jobs.com

SecOps Manager *

@ WTW | Thane, Maharashtra, India
View on infosec-jobs.com

Consultant Appels d'Offres Marketing Digital

@ Numberly | Paris, France
View on infosec-jobs.com
View more jobs