there are quite a few ways to query a registry value, thanks @mehunhoff https://github.com/fireeye/capa-rules/blob/6a64378cc57a8b4c88947adb1b2bc42fcf07b8cc/host-interaction/registry/query/query-registry-value.yml
there are quite a few ways to query a registry value, thanks @mehunhoff
https://github.com/fireeye/capa-rules/blob/6a64378cc57a8b4c88947adb1b2bc42fcf07b8cc/host-interaction/registry/query/query-registry-value.yml
