11 2 4 11 0 0x8000000000000000 1729 Microsoft-Windows-Sysmon/Operational EC2AMAZ-2RSGUKB - 2024-01-11 16:48:24.663 BA130F33-1BD8-65A0-BA09-000000009502 7964 C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows 2024-01-11 16:48:24.663 EC2AMAZ-2RSGUKB\user 1 5 4 1 0 0x8000000000000000 28242 Microsoft-Windows-Sysmon/Operational quadra.snapattack.labs - 2023-08-29 17:38:57.877 BD1BA16A-2D31-64EE-220B-000000001200 11180 C:\Windows\IME\IMEJP\conhost.exe 4, 42, 0, 9798 SoftEther VPN SoftEther VPN SoftEther VPN Project at University of Tsukuba, Japan. vpnbridge_x64.exe "C:\WINDOWS\ime\imejp\conhost.exe" /service C:\Windows\system32\ NT AUTHORITY\SYSTEM BD1BA16A-4999-649C-E703-000000000000 0x3e7 0 System MD5=8D376C9D983F26E627FFC095C2D3BB9E,SHA256=DD90301602DFD1749A93D24E9428A60043F7644942A5300D8E2EF53848610E14,IMPHASH=C64A73B500525BF8C854F8CFDDB0A2D9 BD1BA16A-4998-649C-0A00-000000001200 816 C:\Windows\System32\services.exe C:\Windows\system32\services.exe NT AUTHORITY\SYSTEM 1 5 4 1 0 0x8000000000000000 28242 Microsoft-Windows-Sysmon/Operational quadra.snapattack.labs - 2023-08-29 17:38:57.877 BD1BA16A-2D31-64EE-220B-000000001200 11180 C:\Windows\IME\IMEJP\conhost.exe 4, 42, 0, 9798 SoftEther VPN SoftEther VPN SoftEther VPN Project at University of Tsukuba, Japan. vpnbridge_x64.exe "C:\WINDOWS\ime\imejp\conhost.exe" /service C:\Windows\system32\ NT AUTHORITY\SYSTEM BD1BA16A-4999-649C-E703-000000000000 0x3e7 0 System MD5=8D376C9D983F26E627FFC095C2D3BB9E,SHA256=DD90301602DFD1749A93D24E9428A60043F7644942A5300D8E2EF53848610E14,IMPHASH=C64A73B500525BF8C854F8CFDDB0A2D9 BD1BA16A-4998-649C-0A00-000000001200 816 C:\Windows\System32\services.exe C:\Windows\system32\services.exe NT AUTHORITY\SYSTEM