Week of Data Dumps, Part 2 – GUIDs

July 22, 2022 in Archaeology, Clustering, File Formats ZOO

There was a time when knowing GUIDs of adware/spyware you could instantly attribute a sample to a known rogue company or group. Of course, these days are long gone, but what’s left behind is knowledge which GUIDs map to what…

GUIDs are all over the place – there are CLSIDs, UUIDs, they can refer to classes, interfaces, object properties, known folder IDs, even old ActiveX controls and IE toolbars, and new ones keep coming in ! So how do we know which ones are important?

My recipe was to always collect as many of these as possible!

This is a small excerpt from some quick regex-fu over HijackThis Logs. And here is a list of GUIDs I have built over the years.

Comments are closed.