Windows malware persistence techniques and tricks
Today I’ll wrote about the result of self-researching “classic” persistence trick: startup folder registry keys.
Adding an entry to the ‘run keys’ in the registry will cause the app referenced to be executed when a user logs in. These apps will be executed under the context of the user and will have the account’s associated permissions level. Windows malware persistence techniques and tricks