If Kali Linux has acquired a meterpreter shell of the victim's system, the shell supports a variety of attack commands, including system privilege escalation, keylogging, snapshots, registry, and processes.
It supports the ability to manipulate the registry among attack commands, which is that the session breaks when the victim reboots, so if the backdoor is registered in the automatic registry, the session continues.
Kali Linux Registry
An attacker uploads a backdoor (svchost.exe) to a specific location to infiltrate the victim's system later after successful penetration. Also, register the backdoor in the start registry so that the victim automatically connects with the attacker upon reboot.
Kali Linux Registry Manipulation
Once the registry has been tampered with in the meterpreter shell, go to the victim's system and run the Registry Editor window. When you navigate to the startup registry path, the svchost.exe is registered.