v9.1.0

Summary

Added: 2 rules
Modified: 51 rules
Renamed: 3 rules
Deleted: 0 rules

Detailed release changes: rules v9.0.0...v9.1.0

Added rules (2)

• anti-analysis/anti-forensic/clear-logs/clear-windows-event-logs-remotely.yml
• host-interaction/registry/change-registry-key-timestamp.yml

Modified rules (51)

• anti-analysis/anti-forensic/clear-logs/clear-windows-event-logs.yml
• host-interaction/process/create/create-process-suspended.yml
• host-interaction/process/inject/inject-apc.yml
• lib/write-process-memory.yml
• nursery/check-for-windows-sandbox-via-mutex.yml
• nursery/persist-via-aedebug-registry-key.yml
• nursery/persist-via-amsi-registry-key.yml
• nursery/persist-via-app-paths-registry-key.yml
• nursery/persist-via-appcertdlls-registry-key.yml
• nursery/persist-via-application-shimming.yml
• nursery/persist-via-appx-registry-key.yml
• nursery/persist-via-autodialdll-registry-key.yml
• nursery/persist-via-autoplayhandlers-registry-key.yml
• nursery/persist-via-bootverificationprogram-registry-key.yml
• nursery/persist-via-code-signing-registry-key.yml
• nursery/persist-via-com-hijack.yml
• nursery/persist-via-command-processor-registry-key.yml
• nursery/persist-via-contextmenuhandlers-registry-key.yml
• nursery/persist-via-cor_profiler_path-registry-value.yml
• nursery/persist-via-default-file-association-registry-key.yml
• nursery/persist-via-disk-cleanup-handler-registry-key.yml
• nursery/persist-via-dotnet-dbgmanageddebugger-registry-key.yml
• nursery/persist-via-dotnet_startup_hooks-registry-key.yml
• nursery/persist-via-explorer-tools-registry-key.yml
• nursery/persist-via-filter-handlers-registry-key.yml
• nursery/persist-via-group-policy-registry-key.yml
• nursery/persist-via-hhctrl-com-hijack.yml
• nursery/persist-via-htmlhelp-author-registry-key.yml
• nursery/persist-via-image-file-execution-options-registry-key.yml
• nursery/persist-via-lsa-registry-key.yml
• nursery/persist-via-natural-language-registry-key.yml
• nursery/persist-via-netsh-registry-key.yml
• nursery/persist-via-network-provider-registry-key.yml
• nursery/persist-via-path-registry-key.yml
• nursery/persist-via-print-monitors-registry-key.yml
• nursery/persist-via-print-processors-registry-key.yml
• nursery/persist-via-rdp-startup-programs-registry-key.yml
• nursery/persist-via-screensaver-registry-key.yml
• nursery/persist-via-silentprocessexit-registry-key.yml
• nursery/persist-via-telemetrycontroller-registry-key.yml
• nursery/persist-via-timeproviders-registry-key.yml
• nursery/persist-via-ts-initialprogram-registry-key.yml
• nursery/persist-via-userinitmprlogonscript-registry-value.yml
• nursery/persist-via-windows-error-reporting-registry-key.yml
• persistence/registry/appinitdlls/persist-via-appinit_dlls-registry-key.yml
• persistence/registry/ginadll/persist-via-ginadll-registry-key.yml
• persistence/registry/persist-via-active-setup-registry-key.yml
• persistence/registry/run/persist-via-run-registry-key.yml
• persistence/registry/winlogon-helper/persist-via-winlogon-helper-dll-registry-key.yml
• persistence/scheduled-tasks/schedule-task-via-schtasks.yml
• persistence/service/persist-via-windows-service.yml

Renamed rules (3)

• host-interaction/mutex/check-mutex-and-terminate-process-on-windows.yml (was host-interaction/mutex/check-mutex.yml)
• host-interaction/mutex/check-mutex-on-windows.yml (was host-interaction/mutex/check-mutex-and-exit.yml)
• host-interaction/mutex/create-or-open-mutex-on-windows.yml (was host-interaction/mutex/create-mutex.yml)