SolarMarker campaign used novel registry changes to establish persistence
Inserting custom file handling rules for a randomly-created file extension and a .LNK in Windows’ startup folder, malware installer created a stealthy persistence mechanism for backdoor.