Skip to content

Hide Navigation Hide TOC

Displaying Hidden Files Feature Disabled (5a5152f1-463f-436b-b2f5-8eceb3964b42)

Detects modifications to the "Hidden" and "ShowSuperHidden" explorer registry values in order to disable showing of hidden files and system files. This technique is abused by several malware families to hide their files from normal users.

Cluster A Galaxy A Cluster B Galaxy B Level
Displaying Hidden Files Feature Disabled (5a5152f1-463f-436b-b2f5-8eceb3964b42) Sigma-Rules Hidden Files and Directories - T1564.001 (ec8fc7e2-b356-455c-8db5-2e37be158e7d) Attack Pattern 1
Hide Artifacts - T1564 (22905430-4901-4c2a-84f6-98243cb173f8) Attack Pattern Hidden Files and Directories - T1564.001 (ec8fc7e2-b356-455c-8db5-2e37be158e7d) Attack Pattern 2