Intel Name: Registry export of third-party credentials
Date of Scan: May 27, 2025
Impact: Medium
Summary:
Detects the use of reg.exe to export registry paths linked to third-party credentials.
This technique is commonly used by credential stealers to extract sensitive data stored in the Windows registry.
