Mamutu 3.0
All the ideas and discussions
It is not very useful to know that a program tries to write a key in the registry, if you don't know what key (and content). Similarly, when a program is injecting code in a process, it would be nice to know the process name. Currently, we can just try to guess if the behaviour is justified or really malicious.