From c8515897e9cdc38db7e5b71f2b4249308db5de82 Mon Sep 17 00:00:00 2001
From: Yanai Lipshitz <33809628+Yanaili@users.noreply.github.com>
Date: Thu, 4 Jul 2019 16:10:33 +0300
Subject: [PATCH] Regex fix

Fixed the Regex of 'match_key'.
---
 modules/signatures/windows/persistence_bootexecute.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/signatures/windows/persistence_bootexecute.py b/modules/signatures/windows/persistence_bootexecute.py
index 86b6c7582..bfd4d35d2 100644
--- a/modules/signatures/windows/persistence_bootexecute.py
+++ b/modules/signatures/windows/persistence_bootexecute.py
@@ -38,7 +38,7 @@ def on_call(self, call, process):
             self.registry_writes[fullname] = call["arguments"]["value"]
 
     def on_complete(self):
-        match_key = self.check_key(pattern=".*\\\\SYSTEM\\\\(CurrentControlSet|ControlSet001)\\\\Control\\\\Session\\ Manager\\\\(BootExecute|SetupExecute|Execute|S0InitialCommand)", regex=True, actions=["regkey_written"], all=True)
+        match_key = self.check_key(pattern=".*\\\\SYSTEM\\\\(CurrentControlSet|ControlSet001)\\\\Control\\\\Session Manager\\\\(BootExecute|SetupExecute|Execute|S0InitialCommand)", regex=True, actions=["regkey_written"], all=True)
         if match_key:
             self.found_bootexecute = True
             for match in match_key: