run key investigation
OpenIOC1.0
by @iocbucket
sha1:
8caf97c64aa2097cfbc1bca004b8083c6b55adce
short description:
run key investigation
long description:
this ioc will collect information on what kind of extensions are located in the hkcu and hklm run key, a common registry entry for malware persistence.