Hiding Registry keys
Brian Reitz, a senior threat analyst, wanted to test the detection of various types of registry persistence. One of these methods is the persistence trick used by the Kovter malware family. The trick is described in detail in a Symantec report from September 2015 and was analyzed by MalwareBytes, Airbus Cybersecurity and ReaQta. The Windows Registry is an area of detection for blue teams, because “fileless” methods are becoming more common.
You can read about the enumeration, structure and function definitions, as well as the creation of an autorun key, in this article.