4688 2 0 13312 0 0x8020000000000000 615484 Security WIN10-21H1.snapattack.labs S-1-5-18 WIN10-21H1$ snapattack 0x3e7 0x28e8 C:\Windows\System32\cmd.exe %%1936 0x54c cmd.exe cmd /c "C:\Users\localuser\AppData\Local\Temp\tmpDD8A.bat" > C:\Users\localuser\AppData\Local\Temp\tmpDD79.tmp 2>&1 S-1-0-0 - - 0x0 C:\Windows\System32\svchost.exe S-1-16-16384
4698 1 0 12804 0 0x8020000000000000 149197 Security EC2AMAZ-2RSGUKB S-1-5-18 EC2AMAZ-2RSGUKB$ WORKGROUP 0x3e7 \Level\Level Watchdog
Ensures the Level service is always running. For more details, see https://docs.level.io/1.0/admin-guides/level-watchdog-task.
\Level\Level Watchdog
PT10M
true
2023-11-20T15:14:24Z
true
IgnoreNew
false
false
true
false
false
PT10M
PT1H
true
false
true
true
false
false
false
true
false
PT72H
7
C:\Program Files\Level\level.exe
--check-service
system
InteractiveToken
LeastPrivilege
186054959605743694 3860 772 0 EC2AMAZ-2RSGUKB