Windows Artifacts

Windows artifacts are artifacts that WildFire associates with samples after analyzing the samples in a Windows OS analysis environment.
Artifact Type
Search with this Artifact Type to Find...
Mutex Activity
A mutex (mutual exclusion object) allows programs to share the same resource, though the resource cannot be used by more than one program simultaneously. If the sample generates other program threads when executed in the analysis environment, the mutex created when the programs start is listed along with the parent process.
Registry Activity
Windows Registry settings and options that showed activity when the sample was executed in the analysis environment. Artifacts listed for each registry activity include the parent process that was active, the registry method used by the parent process (Action), and the parameters column lists the registry key that was set, modified, or deleted.

Related Documentation